Port Forwarding doesn't work.

eshield

Hello,

I've been testing 2.2 x64 builds for a few weeks till now and noticed that port forwarding still doesn't working (Nobody uses it?  :o).

FW log has entry about successfull connection, but Diagnostics: Show States has:
WAN tcp 10.0.0.2:3389 (172.16.20.1:3389) <- 172.16.2.1:61287   CLOSED:SYN_SENT

In fact, there is no packets are being forwarded to the host. Outbound NAT is working as expected.

Do I miss something or it's a known problem?

Raul Ramos

Hi

Maybe have to do with this? Have you change MTU in the WAN interface? https://redmine.pfsense.org/issues/3666#change-14107.

I have no problems, but i have not change MTU on any interface.

eshield

@mais_um:

Hi

Maybe have to do with this? Have you change MTU in the WAN interface? https://redmine.pfsense.org/issues/3666#change-14107.

I have no problems, but i have not change MTU on any interface.

Thanks for an answer, but it's not the case. I already played with MTUs on both ifaces. Affects nothing.

jimp

Works fine here on the latest snap.

WAN tcp 192.168.1.100:8888 (192.168.2.86:8888) <- 192.168.2.32:33375 ESTABLISHED:ESTABLISHED
LAN tcp 192.168.2.32:33375 -> 192.168.1.100:8888 ESTABLISHED:ESTABLISHED

eshield

Ok, I will double check my conf one more time.

steve72

Same problems here.

Upgraded from 2.1.4 to 2.2.

Running portforwards on both the WAN interface and OPT1 which is a OpenVPN client.

If I stop the OpenVPN service the portforward on the WAN interface starts working again.
If i start the OpenVPN service the portforwards stop working on the WAN interface again.

jimp

That sounds like it could be a config issue, if your OpenVPN client is acting as your default gateway then the behavior you're seeing could be expected if the WAN rules do not get reply-to set (reply-to disabled, no GW selected on Interfaces > WAN, etc)

steve72

I'm pretty sure the WAN was set to the default gateway. But since I reverted back to 2.1.4 I can't check it out.

series_of_tubes

I have the exact same problem.  If the OpenVPN client tunnels are up, port forwarding does not work.  Once they are off, forwarding works as expected.  WAN is set as the default GW. System is 2.2 Beta AMD64 full install.

illizit

I am having the same issue. We use Port forwarding on a DSL WAN connection (MTU of 1492) and we cannot pass traffic.