Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Port forwarding, VPN and firewall rules

    Firewalling
    1
    3
    882
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      lovingHDTV last edited by

      I need help.  I've been reading all I can on port forwarding and still cannot get access to my Plex server.  I'm sure it has something to do with my firewall rules, my VPN WAN interacting.

      Plex by default uses UPNP or NAT-PMP, which I have enabled and do see setting in the status report.  However, this is not working so I create a manual one.

      I created it on my VPN gateway and redirected port 32400 from any VPN gateway address to tower using the same port number.  This didn't work either.

      How do I setup a port forward if it is coming in over a VPN gateway.  Can it be done on the VPN gateway or does it have to be done LAN or WAN instead?

      My setup:
      Gateways
        WAN - normal gateway
        PIAVPN - openvpn gateway

      My LAN firewall rules send traffic from my work laptop, and my VOIP alias (two IP addresses for my two Ooma boxes) out WAN and everything else goes out the PIAVPN.

      All other firewall rules are floating, not associated with any interface and only direct traffic through queues for traffic shaping.

      One set of shaping rules is to send all the TCP and UDP data from my tower server (192.168.1.107) through the p2p queue because it does backups and such.  This is also my media server running Plex that I want to have access to from the outside.  Plex talks via port 32400 so I wanted to port forward this port to tower.  These firewall rules don't block anything, just specify which queue to use.

      What am I doing wrong?

      thanks

      1 Reply Last reply Reply Quote 0
      • L
        lovingHDTV last edited by

        Maybe a more specific question.

        If my ingress gateway is a VPN gateway, can I do port forwarding on that gateway or will the port number not be useable.  If it is unusable, do I then do the port filtering on the LAN interface?

        thanks
        david

        1 Reply Last reply Reply Quote 0
        • L
          lovingHDTV last edited by

          Final followup.  It was not a port forwarding issue.  It was because my VPN provider Private Internet Access does not support port forwarding.  At least not in a straightforward way.

          I finally figured this out by looking at the state tables, and realizing that no traffic of port 32400 ever entered pfsense.

          Just in case someone else is dealing with this issue, verify that your VPN provider actually supports it.

          david

          1 Reply Last reply Reply Quote 0
          • First post
            Last post

          Products

          • Platform Overview
          • TNSR
          • pfSense
          • Appliances

          Services

          • Training
          • Professional Services

          Support

          • Subscription Plans
          • Contact Support
          • Product Lifecycle
          • Documentation

          News

          • Media Coverage
          • Press
          • Events

          Resources

          • Blog
          • FAQ
          • Find a Partner
          • Resource Library
          • Security Information

          Company

          • About Us
          • Careers
          • Partners
          • Contact Us
          • Legal
          Our Mission

          We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

          Subscribe to our Newsletter

          Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

          © 2021 Rubicon Communications, LLC | Privacy Policy