Netgate Discussion Forum

    Port Forwarding issue.. Remote host using client machine LAN address.

      biyanpian

      I am having trouble with port forwarding (with 2.0 release).  I'm fairly certain that I have set the port forward up correctly, but have something else very basic configured incorrectly, as I noticed something that seemed like it might be related.  When I test the working port forward with another router, the host reports correctly that port N on (my public IP address) is open.  When I test the nonworking port forward with my pfSense router, the host reports that port N on (my specific machine's private IP address: i.e. 192.168.0.202) is closed.  Similarly, I was surprised to see that at least one web site with a port scanning function reported my IP address as the private IP address.  This leads me to believe that I have something fundamental within pfSense configured incorrectly, as I am assuming that the destination should be reported as my public IP address, not my machine's private IP address.  Furthermore, I have the associated rule set to log traffic, and there are no entries in the log from when I run the test.

      Nonfunctioning port forwards have not been isolated to a single client machine or program, and I have tested with a variety of ports.

      Can anyone give me a clue as to what's gone wrong, based on the above?

        biyanpian

        The actual WAN IP (172.16.1.8) differs from my public IP, as it is assigned by a wireless radio, which is how I get internet.  All traffic, except that over a single port which the ISP uses to monitor the radio, is forwarded "transparently" to my WAN adapter's MAC address.  I use the MAC "spoofing" feature in pfSense, as well as with my other router, which I use for testing.  On the alternate router, port forwards work fine, and online services correctly report my public IP address.

        Here is one example of a port forward configuration that does not work (Though I have also tried "any", and "single host or alias" in Destination with my public IP, and with my actual WAN IP, with the same result).

        Disabled:  unchecked
        No RDR (NOT):  unchecked
        Interface:  WAN
        Protocol:  TCP/UDP (I have also tried "TCP" and "UDP")
        Source:  unchanged
        Destination:  WAN address
        Destination port range:  33334 (I have tested other ports)
        Redirect target IP:  192.168.0.101 (A different computer than the one in the original post)
        Redirect target port:  33334
        Description:  (blank)
        No XMLRPC Sync:  unchecked
        NAT reflection:  use system default (I have tried with NAT reflection enabled and disabled)
        Filter rule association:  Rule NAT (Automatically during selection of "Create new associated filter rule"; I have also tried "Pass")

          biyanpian

          It is now working as it should.  Factory reset.. probably a bad beta package.. no more aggravation.
