• Hi,
    Let me congratulate each one of you for such a great support  :)

    I am a newbie to pfsense trying to setup a firewall for my local network.
    Below is my setup.

    1. A modem (in bridged mode) to supply dsl and connected to the wan port of pfsense.
    2. pfsense acts as pppoe, dhcp and firewall. pfsense's lan port is connected to switch.
    3. all computers are connected (wired) to switch.
    4. Another modem is connected to this switch to supply wifi (alone) which pass through pfsense's dhcp.

    With this setup, I am able to browse and it works perfect.
    I have port forwarded 143, 443, 80, 5060 to my internal server (192.168.1.X for example).
    Telneting is working fine with these ports. But when I try these ports (https and http) from outside the network (internet using dyndns),
    I can't access anyone of them.

    Pfsense setup:
    type: PPPoE


    Bridge with: WAN
    ip address:


    If                          Proto                 Ext. port range                   NAT IP                       Int. port range                        Description
    WAN                          TCP                 443 (HTTPS) 94.98.xx.xx) 443 (HTTPS)                         pf_https
    WAN                          TCP                 143 (IMAP) 94.98.xx.xx) 143 (IMAP)                         imap_temp
    WAN                          TCP                 80(HTTP)    94.98.xx.xx) 80 (HTTP)                    pf_http


    TCP * *            *               *         *   incoming_allow_all_wan
    TCP * * 443 (HTTPS) *   NAT pf_https_asterisk
    TCP * * 143 (IMAP) *   NAT imap_temp
    TCP * * 80 (HTTP)         *   NAT  
    UDP * * 5060 (SIP) *   NAT  
    UDP * * 10000 - 20000 *   NAT

    DNS forwarder : Enabled
    DHCP server: Enabled and working fine

    Could any one of you help me out to solve the issue....
    Thanks all once again in advance!!! :)

  • Could you try to switch the WAN to standard ethernet, put a switch in front of the pfSense and connect like this to the WAN?

    Can you exclude the possibility that your ISP is blocking these ports?

    You write that you bridge your LAN with WAN.
    This would indicate that you're running a filtering bridge and not a routed scenario.
    If you're not routing/NATing, you cannot create inbount NAT rules.
    You simply allow the traffic with firewall rules on the WAN.

  • Froeschli, many thanks indeed for the reply :)

    Two things:
    1. I know, for a matter of fact, that my ISP does not block these ports.
    2. I have tried my LAN in both bridged mode as well as non-bridged mode with the WAN interface and
    have always created rules to allow all the incoming/outgoing traffic from all the ports/IPs.

    I will try to remove the modem from the scenario and have a switch put in place as per your suggestion and will let you know.

    Thanks again,

  • Netgate Administrator

    PPPoE for interface in port forwarding?  ???

    Edit: Nope forget that!  ::)