Can access pfsense in NAT but not other servers?



  • Problem: - Can't access my other servers on NAT portforward. Although I can access if I put my pfsense address on my public IP.
                  - Is a total noob
    I've attached some images to help out if I have misconfigurations, if you need anything just let me know I'll reply quickly.

    Thanks a lot!







  • Are the servers using pfSense as the default gateway? Is port 80 blocked by your ISP? Try forwarding port 80 to pfSense's LAN address to see the web UI is accessible over HTTP from outside.

    Are you actually checking this from a remote network and not from your LAN via NAT reflection?



  • 1.  If you are inside your own LAN and you are trying to access your server page using its private IP pfsense is dishing out, it should work.
    2.  If you are inside your own LAN and you are trying to access your server page using public IP, it shouldn't if NAT reflection is off.  If NAT reflection is on and you are inside your own LAN it should work, however this is no guarantee its actually working from the outside since your ISP could block the port. 
    3.  Its possible your ISP is blocking 80?
    4.  Assuming none of the above are the problem, is the computer on port 192.168.0.201 running a firewall?

    Also, there are people here in the forums who don't like to do this, however if you are going to need 443 and 80 for other servers, I'd change the ports my pfsense gui operates on.  While there is a command to allow pfsense and another host to basically share a port, I wouldn't use that solution.  I'd keep my pfsense interface exposed only on the LAN side of the network and move the interface port to non-standard ports and leave 80 and 443 free for my other servers.

    If you want to know if things are working from the outside but don't have a second connection to try from handy, a cellphone browser with a data plan is good for that or you could use browsershots.org