Another Port Forwarding Post
-
Ok. When. I get home ill do as you say and verify the traffic.
I know how difficult it is to try and tell someone how to do something they have never touched before and I appreciate the patience with me.
-
I can walk you through verification of traffic getting there, that is no problem - if need be I am open to using say teamviewer and we can walk through it together via your PC, where we can chat and you can see everything I do, etc.
But until we can verify there is traffic getting to the pfsense, there is nothing to troubleshoot ;)
-
OK!!!! Good NEWS!!! LOL IT WORKS!!
So today while at work I had nothing going on so I decided to spend some time reading 2 books that for a beginner with pfSense and real networking need to have. one is "pfSense: the Definitive Guide" and the other is "pfSense 2 Cookbook".
After taking the time to slow down and actually read your posts I sat down this evening to do exactly as you stated. There was no traffic inbound. At that point I decided I was going to start everything from scratch. I reinstalled pfSense and started at the beginning. As I started setting things up I had a separate machine tied to the AT&T box to watch what it was doing as well. I noticed that even though my VirtualBox PC was connected to the pfSense network it kept popping up on the AT&T box as well. This being exactly what you had suspected, a double NAT. This is where the 2 books came into play. They helped me understand what you were saying with the double NAT and it gave me some insight on how to fix the issue.
So I unplugged every connection from the pfSense box with the exception to the PC that runs the VirtualBox web server and with my extra PC tied to the AT&T box I completely blew out all the previous NAT's and reset the unit to factory defaults. Once that was done I noticed that the double NAT went away. I then did the test to check for traffic to the pfSense box using canyouseeme.org and sure enough, pfSense was now seeing traffic!!
I then set up the NAT's for the ports I Needed on the pfSense box and sure enough my web sites were back live as well as my CCTV DVR. Everything is working and I now have a much better understanding of pf and real routing.
I would like to say thanks to you johnpoz for sticking with me even though it was like teaching a wall how to be a door. With that I would like to tell everyone out there looking for help this, SLOW DOWN!! get yourself the two books I mentioned and read them front to back and when you come here asking the guru's for help actually read their posts, follow their process and don't be stubborn, you asked for help for a reason
-
Well that is great news.. Glad you got it sorted..
Sure your going to love pfsense, see how easy it was to create a nat ;)
-
Yep. I have now started adding packages and all is going well except for squid and lightsquid. But ill figure them out tomorrow. My brain needs a rest and since i have been playing with pf since Saturday non stop my wife thinks I'm a stranger ahaha
-
This is your home network right? Other than playing with, normally home networks have no use of a proxy. Now use to use them back in the day when needed to keep an eye on teenage sons internet usage and filtering of porn ;)
Unless your just wanting to play/learn about how to use a proxy in pfsense - not sure I would install. Complicates the setup without justification most likely.
-
I initially wanted to install it for the web cache and to monitor where my son goes on his ipad. The i decided i really dont need it so i deleted it. I will eventually sent up another box i have to do testing and learning on, now that i have a live box i dont want to go jacking it up LOL.
Everything is working except for 1 thing. When i go to my website using the same machine the virtualbox is on, it forces me to https and then gives me a dns issue.
I can reach the websites just fine from any device on the network except for the PC hosting the virtual box.
-
And how are you trying to access the website? Using public IP/fqdn using nat reflection? If you local and accessing local IP, pfsense is not in the picture you never talk to pfsense when doing that.
Do you have nat reflection enabled if your wanting to access your local network using public IP for pfsense just to forward you back in.
-
Accessing the site from a private 192.168.1.x network behind PF to a 192.168.1.x address. MY windows 7 PC that has virtualbox running on it with the web server. Access to the site is fine from any computer on the network, just not the host PC with VirtualBox running on it.
What it does is when i put the web address in it automatically directs me to the HTTPS address which don't exist, no certificates for it. Anyway i just went into my web server and turned SSL from default to off on each domain and that fixed the problem. Only problem is if i ever decided to do SSL on those sites ill have to figure out the real reason it didn't work.
But to answer the other half of your question. I do have NAT reflection on.
-
"Accessing the site from a private 192.168.1.x network behind PF to a 192.168.1.x address."
then pfsense has nothing to do with that traffic. You only talk to pfsense if your wanting OFF the 192.168.1.x network.
If you don't have SSL cert, then no your webserver can not serve up SSL. If you want to access SSL from outside pfsense, then you would need to forward 443.
But again if your just talking between 2 clients on your same 192.168.1.x network - then pfsense is not involved in that conversation. Unless you were bridging to interfaces on pfsense, and one machine was connected to 1 and other connected to other interfaces on the pfsense bridge. Other than sort of setup - no pfsense is not involved in local network traffic.