Port forwarding help needed asap.



  • Can someone please easily and clearly tell me how to add a port forward?

    I have an Outdoor AP that the manufacturers want SSH access to.. so i need to somehow add a port forward rule on pfsense to 192.168.10.50:22

    How do i do this? i guess i dont want port 22 on my WAN forwarded to that IP cause i guess i then cant SSH to my pfsense box?



  • That's really easy:

    Interface: WAN (Your WAN interface which is connected to the internet)
    Protocol: TCP
    Source: any
    Source Port: any
    Destination: "WAN address"
    Destination Port: 54321  (you can chose nearly any port you like but this is NECCESSARY to know for you manufacturer)
    Redirect IP: 192.168.10.50
    Redirect Port: 22
    Filter rule association: add associated filter rule

    That's all you have to do for NAT. Not sure if you AP has a firewall or something else, too which needs to be configured.



  • As Nachtfalke said but you get there by Firewall -> NAT Port Forward tab.



  • @Nachtfalke:

    That's really easy:

    Interface: WAN (Your WAN interface which is connected to the internet)
    Protocol: TCP
    Source: any
    Source Port: any
    Destination: "WAN address"
    Destination Port: 54321  (you can chose nearly any port you like but this is NECCESSARY to know for you manufacturer)
    Redirect IP: 192.168.10.50
    Redirect Port: 22
    Filter rule association: add associated filter rule

    That's all you have to do for NAT. Not sure if you AP has a firewall or something else, too which needs to be configured.

    Thanks alot. I should have mentioned that the AP is on the LAN interface, s odi i just follow the above but for "Destination:" i select "LAN address" ?

    Also, say i choose port 45001 for example, i just need to give the manufacturer WAN IP and port for them to login?  for example: 189.53.100.10:45001 ?  Is that correct?



  • The AP is on the LAN Network but is not the LAN address. The destination is actually the destination in relation to the remote system. This is going to be either a VIP or the WAN Address. When the manufacturer access the WAN address on the given port (45001), you firewall will redirect that to 192.168.10.50 on port 22. An then you would give your manufacturer the example you listed to access the AP.



  • Excellent, thanks guys.. its all working nicely.  Just wish i could get my public IP block forwarded so easily!! lol


Locked