Portforward using "Other" does not seem to work

eddiex

Hi!

My pfsense-box at home has now been running for some time now and it has proven to be rock solid (in every way!) - it is a breeze to use and it does not lack any features that I know of so far. :-) It is running latest stable version of pfsense.

However, I have one question regarding forwarding ports using the option "Other" in the drop down menu, so below follows my question:
Creating a port forward using the option "Other" for the port configuration gives me, visually, a port forward in the UI that looks just like any other (working) port forwards that are created using a known port/protocol in the drop down, but it does not seem to forward any traffic.

Some examples:

WAN:80 -> 192.168.2.XX:80 (Works fine)
WAN:8080 -> 192.168.2.XX:80 (Does not work)

My setup is (somewhat simplified, see attached image):
[WAN] –> PFSENSE --[VLAN TRUNK]–> SWITCH(L2) --[Untagged]–> [SERVER XX]

Thanks in advance, and I will gladly provide further information/configuration if needed.

Best regards,
Eddie

pfsense-pforward-vlan.png_thumb

cmb

If there's absolutely no difference between the 8080 and 80 port forwards (you left source port to any on the dest 8080, everything else matches), then it's most likely #5 here.
http://doc.pfsense.org/index.php/Port_Forward_Troubleshooting#Common_Problems

eddiex

I had hoped so, but I read those bullets before creating my post and I don't think it is the case here (if I understand them correctly). I have tried different ports and all with the same result, and I was able to forward such ports using my old fw/router (ISP has not changed).

So either my ISP have changed their available ports or there is something else going on in my pfsense-box?

PS. Thanks for the QUICK response.

cmb

Post a screenshot of your NAT rules.

eddiex

NAT rules for 22 and 80 works fine, but the 2222 rule does not.

See attached image for further details and as I said I'm open for providing more info etc.

pfsense-nat.png_thumb

cmb

It works, assuming your WAN IP on that system is the same IP you're accessing the forum using.

telnet 83.x.x.x 2222
Trying 83.x.x.x…
Connected to ...................................
Escape character is '^]'.
SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1

eddiex

Hmm, that's really interesting since the only thing I can think of that has changed since my last test was that I upgraded to the latest version of pfsense (from 2.0.1).

Then I guess it is solved and the pfsense remains flawless.

Thank you very much for the input and help!

eddiex

I've now figured out why I was unable to connect using my 2222 NAT, and the reason is blocked ports at work (suddenly they only allow <= 1024) and thus makes it quite hard to verify my NAT rules at home.

I'm ashamed to have believed that it depended on pfsense.