Another NAT Redirection/Port Forwarding not working thread :(



  • Virtual Server 192.168.1.100 is listening on port 8080

    Interface: Wan
    Protocol: TCP
    Destination Port: HTTP (80)
    Redirect Target IP: 192.168.1.100
    Redirect Target Port: 8080
    NAT Reflection: NAT + Proxy
    Filter Rule: Rule NAT "Desc"

    After some time, browser would show the correct address but unable to connect:

    www.mydomain.com:8080/subdir/

    The only way to connect is to

    Interface: Wan
    Protocol: TCP
    Destination Port: 8080
    Redirect Target IP: 192.168.1.100
    Redirect Target Port: 8080
    NAT Reflection: NAT + Proxy
    Filter Rule: Rule NAT "Desc"

    Is this a server end "base_url" problem or is this a pfsense problem?



  • Make sure you have disabled the "Disable webConfigurator redirect rule " option in System>Advanced.
    Also check you WAN rules on the firewall.



  • Since you're getting the timeout attempting to connect to :8080, something on your web server is redirecting your request from port 80 to port 8080, which fails since it's not forwarded on 8080. The web application or something else on the web server will have to be fixed.



  • @nothing:

    Make sure you have disabled the "Disable webConfigurator redirect rule " option in System>Advanced.
    Also check you WAN rules on the firewall.

    Disable webConfigurator is "unchecked"
    Filter Rule in NAT is also set to "none"

    It doesn't work. I can't get to my server which has an app listening at port 8080. I'm not sure if this matters, I have multiple webservers in a VM host. All are assigned a different IP and all these servers are listening on different port.



  • Here are the scenarios that I've tried:

    Domain Host:

    hostname - ip address - record type
    app.domain.com - www.domain.com:8080/app - url redirect/url frame

    Pf Sense
    NAT Reflection mode for port forwards: disabled
    Destination Port Range: 8080-8080
    Redirect Target Port: 8080

    Nat Reflection: use system default
    Filter rule association: create new associated filter rule

    Result:
    www.domain.com:8080/app = works
    app.domain.com = works

    Domain Host:

    hostname - ip address - record type
    app.domain.com - www.domain.com:8080/app - url redirect/url frame

    Pf Sense
    NAT Reflection mode for port forwards: disabled
    Destination Port Range: http
    Redirect Target Port: 8080

    Nat Reflection: use system default
    Filter rule association: create new associated filter rule

    Result:
    www.domain.com/app = cannot find site
    www.domain.com:8080/app = cannot find site
    app.domain.com = cannot find site

    Domain Host:

    hostname - ip address - record type
    app.domain.com - www.domain.com:8080/app - url redirect/url frame

    Pf Sense
    NAT Reflection mode for port forwards: disabled
    Destination Port Range: http
    Redirect Target Port: 8080

    Nat Reflection: Nat+Proxy / Pure Nat
    Filter rule association: Pass / None

    Result:
    www.domain.com/app = cannot find site
    www.domain.com:8080/app = cannot find site
    app.domain.com = cannot find site



  • I Noticed something interesting. Looks like only port 80 is not working with NAT reflection.

    the default NAT is set to disable. In Firewall Rules I enabled NAT+Proxy. I then proceeded to setting destination port as 8089:8089 to 8080 redirect. Going to port 8089 redirects to port 8080 and I can access my webserver. If I change it back to port 80, it does not resolve 8080. What seems to be the problem? reverse proxy is enabled and is listening at port 80 btw.

    EDIT: This is working now. However, reverse proxy is the one that's not working so I cannot redirect the traffic to the right server.



  • "Disable webConfigurator redirect rule" needs to be checked, not unchecked. "Check this box to disable this automatically added redirect rule."


Log in to reply