1. Home
  2. pfSense® Software
  3. NAT
  4. Port Forwarding issue.. Remote host using client machine LAN address.

Port Forwarding issue.. Remote host using client machine LAN address.

  • B

    I am having trouble with port forwarding (with 2.0 release).  I'm fairly certain that I have set the port forward set up correctly, but have something else very basic configured incorrectly, as I noticed something that seemed like it might be related.  When I test the working port forward with another router, the host reports correctly that port N on (my public IP address) is open.  When I test the nonworking port forward with my pfsense router, the host reports that port N on (my specific machine's private IP address: i.e. 192.168.0.202) is closed.  Similarly, I was surprised to see that at least one web site with a port scanning function reported my IP address as the private IP address.  This leads me to believe that I have something fundamental within pfsense configured incorrectly, as I am assuming that the destination should be reported as my public IP address, not my machine's private IP address.  Furthermore, I have the associated rule set to log traffic, and there are no entries in the log from when I run the test.

    Nonfunctioning port forwards have not been isolated to a single client machine or program, and I have tested with a variety of ports.

    Can anyone give me a clue as to what's gone wrong, based on the above?

    0
  • B

    The actual WAN IP (172.16.1.8) differs from my public IP, as it is assigned by a wireless radio, which is how I get internet.  All traffic, except that over a single port which the ISP uses to monitor the radio, is forwarded "transparently" to my WAN adapter's MAC address.  I use the MAC "spoofing" feature in pfsense, as well as with my other router, which I use for testing.  On the alternate router, port forwards work fine, and online services correctly report my public IP address.

    Here is one example of a port forward configuration that does not work (Though I have also tried "any", and "single host or alias" in Destination with my public IP, and with my actual WAN IP, with the same result).

    Disabled:  unchecked
    No RDR (NOT):  unchecked
    Interface:  WAN
    Protocol:  TCP/UDP (I have also tried "TCP" and "UDP")
    Source:  unchanged
    Destination:  WAN address
    Destination port range:  33334 (I have tested other ports)
    Redirect target IP:  192.168.0.101 (A different computer than the one in the original post)
    Redirect target port:  33334
    Description:  (blank)
    No XMLRPC Sync:  unchecked
    NAT reflection:  use system default (I have tried with NAT reflection enabled and disabled)
    Filter rule association:  Rule NAT (Automatically during selection of "Create new associated filter rule"; I have also tried "Pass")

    0
  • B

    It is now working as it should.  Factory reset.. probably a bad beta package.. no more aggravation.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy