Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Having problems with port forward

    Scheduled Pinned Locked Moved NAT
    6 Posts 4 Posters 2.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      tubaguy50035
      last edited by

      http://img231.imageshack.us/i/firewallrules.jpg/

      That's what my firewall rule is.  I had it set to 192.168.0.2 (web server) as destination and it didn't work.  What else should I be looking for?
      I had this working and then one day I tried to open up another port to that same server and it stopped working.  Any ideas?

      1 Reply Last reply Reply Quote 0
      • ?
        Guest
        last edited by

        The source port is NOT going to be TCP 80.  Source ports are a randomly selected, high numbered port.  Set your source port to any and this rule will be correct.  Destination should be to a specific IP address, the internal IP address of your web server.

        1 Reply Last reply Reply Quote 0
        • stephenw10S
          stephenw10 Netgate Administrator
          last edited by

          Shouldn't the destination address be the WAN ip if it's used for port forwarding?  :-\

          I presume you have setup a portforwarding rule as well as the firewall rule.

          Steve

          1 Reply Last reply Reply Quote 0
          • N
            Nachtfalke
            last edited by

            In pfsense 2.0 the easiest way to do port forwarding is to go to "FIREWALL -> NAT" and create the Port Forwarding rule AND within the Port Forwarding rule you can add the correct firewall rule with "Filter rule association".

            @stephenw10
            In the firewall rule, the destination address isn't the WAN address but the web server address (192.168.0.2).
            In the NAT rule you are right.

            Nevertheless like submicron said:
            The source port has to be "any" and NOT 80.

            1 Reply Last reply Reply Quote 0
            • stephenw10S
              stephenw10 Netgate Administrator
              last edited by

              Hmm, that's interesting.
              So, it's hard to visualise but, the port forwarder is 'outside' the firewall?
              I.e. from the point of view of an incoming packet on WAN it hits the portforwarding rule before the firewall filter. I would have thought it was the other way around. I'll have to go and re-read the docs!

              Steve

              1 Reply Last reply Reply Quote 0
              • T
                tubaguy50035
                last edited by

                That makes sense.  I knew that was how the firewall worked just forgot the source port needed to be *.  I must have changed that on accident when I was trying to forward another port which probably had the same problem!  Thanks!

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.