Inbound Port Forwar to VLAN IP



  • Hi,

    I'm having an issue forwarding an external port to in internal IP address that's behind a VLAN on pfsense.

    Here's an example of my network layout -

    WAN (9.9.9.9)
              |
        PFsense
        |      |
    VLAN1  VLAN2  (vlan 1= 10.17.0.1) (vlan 2= 10.18.0.1)

    The server's are behind VLAN1 and VLAN2 are 10.17.0.100 and 10.18.0.100, both these VLANS are LAN tagged and working properly, I can ping and get to the internet from both VLANS no issues

    Here's what I've done:

    • Setup Outbound NAT to Manual and added the IP addresses subnets 10.17.0.0/24 and 10.18.0.0/24
    • Setup Port forwarding and firewall rules to allow external ports pointing to server behind VLAN

    When I try to access the service on the server on the VLAN subnet from the WAN IP and port, I get nothing.

    Please help! :)

    Thanks



  • Do you have a trunk port going to the firewall and vlan interfaces in pfsense?


  • Netgate

    Instead of telling us what you think you've done, give us specifics as to exactly what you've done.  Screen shots are probably best.

    If you had done everything you say it should be working, but without details it's impossible to tell what's wrong.

    Inbound port forwards require both a NAT port forward and a firewall rule on WAN.  You can have the NAT entry automatically create a rule for you or do it manually.)

    pfSense doesn't care if it's a physical interface or a VLAN.



  • And you don't need to change outbound NAT - what you did will not break anything, but it won't help either, and when you add more LANs you would have to remember to add the manual outbound NAT entries for them.

    As Derelict says, post some screen shots of the Port Forward and firewall rules.