Remotely by domain name (static ip provider by ISP) to my firewall (pfSense)



  • Hello, my first time post here  :)

    I starting to like pfSense but take a while for me to get familiar with all settings as its very advanced firewall software :)

    Been used with modem hardware (router) for long time… now my modem become bridge mode with pfSense, no problems and I can access internet fine… now one question if someone can help me

    I currently owned a domain name and my ISP provided me Static IP

    Before with my modem router and I can remotely to my home such as alarm, air condition, surveillance fine with no problems!!!… so I have added my static ip (ISP) to my domain name from cPanel (web hosting) eg home.(domainname).com instead of ip address to remotely coz I not have to type numbers or can’t remember if I forget my Static IP address

    I know that I have to add port forward in pfSense like I did for modem router as well so now pfSense not let me do like home.(domainname).com and is there a way I can enable it?

    Help me mate and now I feel like I’m addicted to pfSense more more :)



  • Welcome to pfsense  ;)

    First, a few admin items:
    What version of pfsense are you running?
    Is your network a simple "home" setup?

    Example:
    ISP<->modem<->(WAN)pfsense(LAN)<->Home computers

    As far as port forwarding, that's under Firewall->NAT->Port Forward.  There's a good description of the options if you click on the "?" in the upper right of that page.
    Try it out and let us know how you get along.



  • Thanks :)

    Latest version: 2.1.3-RELEASE (amd64)

    Yes simple home setup
    ISP<->modem<->(WAN)pfsense(LAN)<->(Switch)<->Home computers, cameras, alarm, a/c, wireless ap

    I did tried to add port forwarding and it will work only if I put static ip address on my mobile, but not the home.(domainname).com as it asked for host/ip address



  • Ahhhhh got it to work if I disabled my mobile on wireless, and using data carrier…

    I’m still puzzle…. On my PC and I did ping my static ip (isp provided me static ip) and it work fine, and can ping home.(domainname).com and it working fine and same ip as my static ip

    but what I did with port forwarding… for eg

    (192.168.0.51)camera1 is on port 80 and port forwarding to port 81
    (192.168.0.52)camera2 is on port 80 and port forwarding to port 82

    it will work fine if my mobile is on 3G/4G but if I’m at home and forget to turn wireless off as my mobile will be connected to wireless ap auto and it will not work that way mmmm

    and same issue if im on my pc and type http://192.168.0.51:81 and it will not work too….


  • LAYER 8 Netgate

    I think you have it backwards.  The router is forwarding port 81 and 82 to port 80 on the cameras.  Connect to http://192.168.0.51/ from the LAN.  (the :80 is implied)



  • Sounds like you're just about there, great!

    Further to Derelict's comment when describing the NAT rules on pfsense, the terminology is always from the point of view of the pfsense box.

    So when setting up forwarding on the WAN port, the "Source" is outside the WAN or coming in from the internet.  The "Destination" is inside the WAN, usually somewhere on your LAN.

    In your case a camera on the Outside (from somewhere on the Internet) appears as staticip:81, which maps to LANaddress:80.

    The problem with trying to use staticip:81 from a desktop machine (or mobile on your LAN's wifi) is that Port Forwarding (properly known as NAT) works great out of the box in one direction: from Outside to Inside.  When you try to connect to staticip:81 from Inside, you have two directions Inside->Outside, then Outside->Inside.

    The short version of all of this is that you need to look at the NAT->reflection setting in your NAT port forwarding.



  • THANK YOU VERY MUCH!!!! Glad its work great and thanks heaps again mate!!!

    More new lessons to learn :)

    Cheers


Log in to reply