Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Port forward to IP on remote subnet

    Scheduled Pinned Locked Moved Routing and Multi WAN
    5 Posts 5 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      dariuslightcon.com
      last edited by

      Hi,

      I have problem while forwarding port to IP located on remote subnet:

      WAN–-pfSense (192.168.12.1) ----------(192.168.12.193) Layer 3 switch (192.168.0.200) --------------(192.168.0.80) Computer

      Port forwarding in subnet 192.168.12.x is working. Also static routes are configured and pfSense can ping 192.168.0.80 computer (this computer is also accessible from 192.168.12.x subnet).

      But stadard port forward to 192.168.0.80 is not working.

      Thank you in advance.

      Darius

      1 Reply Last reply Reply Quote 0
      • K
        kathampy
        last edited by

        You cannot port forward across another router (or L3 switch). You must NAT -> Port Forward from pfSense to the L3 switch. Then on the L3 switch again NAT Port Forward the same port to the computer. The computer should also be configured to use the L3 switch as a gateway, and the L3 switch must use pfSense as a gateway.

        1 Reply Last reply Reply Quote 0
        • H
          holger.ernst
          last edited by

          Not sure if this would work but if you get an ICMP reply your routing sems to be basically working.
          Try: System: Advanced: Firewall and NAT -> Mark Static route filtering to "Bypass firewall rules for traffic on the same interface"

          This helped me to get some multi-lan-segment-hassle straight.

          Best regards, Holger

          1 Reply Last reply Reply Quote 0
          • G
            geokef
            last edited by

            Hi,
            dariuslightcon.com i have the same problem. I also for make static ARP entries to next hop router for the mapped ip address with no hope. Have you found any solution since you created this post ?

            Thank you in advance.

            Giorgos

            1 Reply Last reply Reply Quote 0
            • DerelictD
              Derelict LAYER 8 Netgate
              last edited by

              Please start your own thread.

              After correcting the record left by @KurianOfBorg, which is 100% incorrect (You can port forward to an address behind another router/L3 switch no problem) I am locking this one as ancient.

              Chattanooga, Tennessee, USA
              A comprehensive network diagram is worth 10,000 words and 15 conference calls.
              DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
              Do Not Chat For Help! NO_WAN_EGRESS(TM)

              1 Reply Last reply Reply Quote 1
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.