Webserver behind pf Sense



  • Hello,
    I know my english is bad but i wil try it :)

    I have a Synology Nas wo is running a Webpage.
    The webpage is now available for local Network.

    Now its the moment where i like to go online with this Page.

    I set into the pf sense folowing things.
    i Disabled "Block private networks"

    Admin Access:
    Protocol = https
    tcp port = 81
    (so i think port 80 is free)
    and i add following NAT:Port Forward:

    if=Wan // Proto: TCP // Src.addr=* // src.ports=* //dest.addr=WAN address // dest.ports=80(http)//nat ip = 192.168.61.5(Synology) // nat ports= 80(http)

    i cant access the page.
    can someone help me?


  • Rebel Alliance Global Moderator

    from where can you not access the page - are you trying to do a nat reflection as a test?  Or are you actually outside your network.  Why did you turn off block private networks, is your wan on pfsense a private behind a nat.  If so you would have to forward as well on the device in front of pfsense.

    When you created the port forward, did you let it create the firewall rule?

    You sure your web server is not running its own firewall blocking access from anything not on the 192.168.61.0/24 - does this webserver have its gateway set to pfsense, ie can it actually talk to the internet?  Make sure that 80 is not blocked by your isp.. Many isps for home connections block inbound traffic to server ports, etc.

    All of these basic troubleshooting steps are in the port forwarding troubleshooting doc https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting



  • From outsite works now… but when i try it intern with wan address it wont work.



  • To access the LAN server through its WAN IP address, you need to enable NAT Reflection.  System - Advanced - Firewall / NAT - Network Address Translation.