Port forwarding not working in pfSense 2.1-RELEASE (amd64)

  • Hello,
    this is my first time using pfSense so please be gentle  :)
    I had WRT54GL but i decided to replace it with a server that has two physical network cards. On that server i have installed ESXi. On of virtual servers is also pfSense. Now, i've installed pfsense and got internet to work(though i am not exactly sure how) :P I have one physical card connected to modem and is set to PPoE(WAN) and another one that is connected to switch(LAN). I have one gateway that looks like this:

    Name                 Interface     Gateway         Monitor
    LANGW (default) WAN

    IP is also my external static IP given to me by mi ISP.

    Then i added NAT rules for one of my virtual servers with our website.

    If     Proto Src. addr     Src. ports Dest. addr Dest. ports NAT IP         NAT Ports
    WAN     TCP *             *                 WAN address 80 (HTTP) 80 (HTTP)

    And firewall rule:

    IPv4 TCP * * 80 (HTTP) * none

    Still, if you go to vpl.si website is still not working.

    Any ideas? Thanks!  8)

  • Are you testing from inside your network ? If so you may need to turn on NAT reflection this is found towards the bottom of the nat rule creation page.

  • LAYER 8 Global Moderator

    well I show that resolving

    ;vpl.si.                                IN      A

    vpl.si.                3600    IN      A

    And show it serving up html

     wget vpl.si
    --2014-01-06 09:27:03--  http://vpl.si/
    Resolving vpl.si (vpl.si)...
    Connecting to vpl.si (vpl.si)||:80... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 3023 (3.0K) [text/html]
    Saving to: ‘index.html’
    100%[======================================>] 3,023       --.-K/s   in 0.02s
    2014-01-06 09:27:03 (175 KB/s) - ‘index.html’ saved [3023/3023]
    cat index.html
    <title>VPL - metalizacija, zlatenje, srebrenje, lakiranje, brizganje plastike in orodjarstvo</title>

    So seems to be working to me - as stated if your trying to access your public IP from the lan side then you need to make sure nat reflection is enabled.

Log in to reply