No access through NAT



  • Hi everyone

    I'm hoping that someone can give me a hand with my problem. I have used the search to try and find similar problems but in most cases the NAT port forwarding doesn't work, but in my case the port forwarding appears to be ok. First some background.

    I'm running pfSense version 2.0.1. It's got 3 NICs, two are in use for WAN and LAN, OPT1 is not in use. The WAN NIC is connected to a fiber box and issued an IP by the provider. The LAN has IP 192.168.2.1/16. The pfSense box runs squid/squidguard, PPTP and L2TP over IPsec VPNs.

    On the LAN I have:
    Wired with static IPs:

    • 192.168.2.2 - Server running Ubuntu Linux

    • 192.168.1.3 - Xtreamer media player

    • 192.168.1.4 - Wireless AP

    • 192.168.1.5 - Canon multifunction printer

    • 192.168.1.6 - Wireless AP

    Wireless via DHCP server running on pfSense:

    • Desktop

    • 2 laptops

    • 2 smartphones

    The Ubuntu server box runs a number of services that are accessible on the local network. Mainly file sharing via SMB and AFP, but also some media related services that have a web based control panel. A recent install on the server is Plex media server. My goal is to make this server accessible from the internet. The Plex media server resides at 192.168.2.2:32400 and is accessible from my Android phone using the Plex app while on the LAN. I added a port forward and a linked firewall rule to forward this port on the WAN interface to the server. I also added a port forward for port 80 (HTTP).

    This does not seem to work, neither the HTTP port forward nor the one for Plex. In order to find out the source of this problem I have done the following.

    1. Deleted the port forwards and started fresh.
    2. Pinged my server from an external network to verify that it is available from the internet. Ping is handled by the pfSense router and does work. I can also connect to the VPNs from the internet. This works using the external IP of the pfSense box and the associated dynamic DNS hostname.
    3. Verified that all services are available on the LAN.
    4. Enabled logging on the port 80 firewall rule and verified that traffic is being passed through the firewall.

    Another angle on this problem is that while connected through the VPNs I'm also unable to access the Plex media server using the Plex Android app. I can access the server's web page, but the media server does not work.

    I'm partly setting up/troubleshooting this problem over the internet via VPN. Because of routing problems (local and remote LANs having the same private IP range) I changed the IP addresses of the pfSense box from 192.168.1.1/16 to 192.168.2.1/16 and the IP of the Linux box from 192.168.1.2 to 192.168.2.2. After the change I'm unable to access the rest of the equipment still on 192.168.1.x over my VPN connection. I have used TeamViewer to verify that this also holds for a machine on the LAN itself. I thought that the /16 would make the 192.168.0.0 to 192.168.254.254 space routable, is this wrong?

    I'm sure that I have overlooked something in my setup, but for the life of me I can't see it.

    Thanks to the devs of pfSense for a powerful tool.

    Kristján Gerhard
    Iceland

    Edit: I took a look at the access log (/var/log/apache2/access.log) for the apache2 web server running on the Linux box and it contains only 5 lines, all originating from the VPN pool of the LAN IP address space. I guess this means that the HTTP requests aren't coming through the pfSense box even though the firewall log shows that they are going through, or could this possibly be a problem with the Linux box's web server configuration?



  • Are you able to connect to the internet with this Ubuntu machine? In other words, what is your gateway?



  • @Metu69salemi:

    Are you able to connect to the internet with this Ubuntu machine? In other words, what is your gateway?

    I managed to fix this late last night and then went straight to bed. But you got it straight on, the gateway of the Linux box was correctly configured but the configuration hadn't been applied. So, no internet connectivity. I guess I'm having similar issues (read user error :) ) with my LAN configuration and that is the reason why I can't seem to get the 192.168.1.x and 192.168.2.x subnets to communicate with each other.

    In my continued efforts to run Plex media server (PMS) I have yet again run aground. The PMS appears to be able to connect to the mothership (my.plexapp.com) but is unable to publish the server.

    I'm going to head over to the Plex support forums and see if they can give me a hand with reading the logs.
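
The two routing symptoms in this thread (forwarded traffic passing the firewall while the server never answers, and the 192.168.1.x devices going silent after the renumbering) both come down to which next hop each host picks for its replies. The following is an added example, not part of the thread: the /24 mask and old 192.168.1.1 gateway on the media player and the external client address 203.0.113.10 are assumptions.

```python
import ipaddress

def next_hop(iface, gateway, dst):
    """Address the host ARPs for to reach dst, or None when it has no route."""
    net = ipaddress.ip_interface(iface).network
    dst = ipaddress.ip_address(dst)
    if dst in net:
        return dst                       # on-link: delivered directly
    if gateway is None:
        return None                      # off-link and no default gateway
    gw = ipaddress.ip_address(gateway)
    return gw if gw in net else None     # the gateway itself must be on-link

def can_send(host, dst, live):
    """True if host has a next hop for dst and that hop exists on the segment."""
    hop = next_hop(host["iface"], host["gw"], dst)
    return hop is not None and str(hop) in live

def two_way(a, b, live):
    """Both directions must work, otherwise replies are silently lost."""
    a_ip, b_ip = (h["iface"].split("/")[0] for h in (a, b))
    return can_send(a, b_ip, live) and can_send(b, a_ip, live)

# Constructed sample data. Addresses are from the thread; the /24 mask and old
# gateway on the media player and the external client address are assumptions.
LIVE = {"192.168.2.1", "192.168.2.2", "192.168.1.3"}   # addresses that answer ARP
CLIENT = "203.0.113.10"                                # external client (assumed)
PFSENSE_LAN = {"iface": "192.168.2.1/16", "gw": None}
SERVER_NO_GW = {"iface": "192.168.2.2/16", "gw": None}           # gateway not applied
SERVER_FIXED = {"iface": "192.168.2.2/16", "gw": "192.168.2.1"}
PLAYER_OLD = {"iface": "192.168.1.3/24", "gw": "192.168.1.1"}    # assumed old settings
PLAYER_NEW = {"iface": "192.168.1.3/16", "gw": "192.168.2.1"}

if __name__ == "__main__":
    print("server replies to client, no gateway:", can_send(SERVER_NO_GW, CLIENT, LIVE))
    print("server replies to client, gateway set:", can_send(SERVER_FIXED, CLIENT, LIVE))
    print("pfSense <-> player with /24 and old gw:", two_way(PFSENSE_LAN, PLAYER_OLD, LIVE))
    print("pfSense <-> player with /16 and new gw:", two_way(PFSENSE_LAN, PLAYER_NEW, LIVE))
```

A firewall log entry only shows the inbound packet being passed; the reply depends on the routing table of the host behind it, which is what this check models.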



  • Try with

    ```
    netstat -lnptu
    ```

