Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Forwarding ports?

    Scheduled Pinned Locked Moved NAT
    16 Posts 4 Posters 2.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      killmasta93
      last edited by

      Hi,
      So…this is embarrassing..im not sure if there's a glitch in 2.2.2 which i have been reading other threads but coming from ddwrt I know how to port forward and more. The funny thing on pfsense The port 80 i can forward but i cant seem to forward 8080 which is the port to forward ddwrt router. Pfsense if handling the dhcp and the nighthawk router is as an access point working perfect. I tried forwarding the ports on the ddwrt (obviously didn't work just did it for the hell of it) can anyone shed some light?

      Thank you
      Clipboarder.2015.04.21-008.png
      Clipboarder.2015.04.21-008.png_thumb
      Clipboarder.2015.04.21-009.png
      Clipboarder.2015.04.21-009.png_thumb
      Clipboarder.2015.04.21-010.png
      Clipboarder.2015.04.21-010.png_thumb
      Clipboarder.2015.04.21-011.png
      Clipboarder.2015.04.21-012.png
      Clipboarder.2015.04.21-013.png
      Clipboarder.2015.04.21-013.png_thumb

      Tutorials:

      https://www.mediafire.com/folder/v329emaz1e9ih/Tutorials

      1 Reply Last reply Reply Quote 0
      • K
        killmasta93
        last edited by

        bump

        Tutorials:

        https://www.mediafire.com/folder/v329emaz1e9ih/Tutorials

        1 Reply Last reply Reply Quote 0
        • johnpozJ
          johnpoz LAYER 8 Global Moderator
          last edited by

          And why don't you just put in the IP of nighthawk?  Why do you have an alias in use?  Do you have an IP in the alias or name that is not resolving?

          What is the IP?

          Have you looked and followed https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

          1 Reply Last reply Reply Quote 0
          • K
            killmasta93
            last edited by

            Hi,
            Thanks for the reply. I tried without alias the IP was 192.168.1.151 with port 8080 didnt work. Funny thing that all ports listed worked fine but when i tick other and put another port like 85 did not work. I will roll back to 2.1.5 to see if it works tonight and I will keep you posted if anything. I also tried the wiki but I know i can forward those ports because i have another router(ddwrt)  connected to my modem (bridge) and I can forward any port on ddwrt with no problem. Also side note I have two different external IP. I have no idea why.

            Thank you again

            Tutorials:

            https://www.mediafire.com/folder/v329emaz1e9ih/Tutorials

            1 Reply Last reply Reply Quote 0
            • johnpozJ
              johnpoz LAYER 8 Global Moderator
              last edited by

              Your other IP is 192.168.3.1, do you have more than 1 lan segment?

              And have you gone through the doc I linked too - this is no brainer stuff to troubleshoot.  Did you sniff on your wan and the traffic is there, did you sniff on your lan and is the traffic sent?

              Are you trying to forward to the lan IP of your dd-wrt router?  And its also doing nat?  Draw out your network.

              An intelligent man is sometimes forced to be drunk to spend time with his fools
              If you get confused: Listen to the Music Play
              Please don't Chat/PM me for help, unless mod related
              SG-4860 24.11 | Lab VMs 2.8, 24.11

              1 Reply Last reply Reply Quote 0
              • C
                cmb
                last edited by

                @killmasta93:

                I will roll back to 2.1.5 to see if it works tonight and I will keep you posted if anything.

                Don't bother, that won't change anything. There's definitely nothing wrong with port forwards in any version.

                Go through the troubleshooting steps listed in the port forward troubleshooting document johnpoz linked. Try to connect from outside, go to Diag>States and filter on :8080. See it there? If not, packet capture on WAN filtering on port 8080. If so, what does the state look like?

                1 Reply Last reply Reply Quote 0
                • K
                  killmasta93
                  last edited by

                  So here my setup the 192.168.1.1 is completely separate and has no contact with pfSense. Later tonight i will send the information

                  Thank you

                  Drawing1.png
                  Drawing1.png_thumb

                  Tutorials:

                  https://www.mediafire.com/folder/v329emaz1e9ih/Tutorials

                  1 Reply Last reply Reply Quote 0
                  • K
                    killmasta93
                    last edited by

                    hi so heres the screen shot of the ports
                    Im just curious why it does not work for 8080 when i can forward on pfSense port 80 and 443 with no problem

                    Thank you

                    Capture.PNG
                    Capture.PNG_thumb
                    Capture2.PNG
                    Capture2.PNG_thumb

                    Tutorials:

                    https://www.mediafire.com/folder/v329emaz1e9ih/Tutorials

                    1 Reply Last reply Reply Quote 0
                    • johnpozJ
                      johnpoz LAYER 8 Global Moderator
                      last edited by

                      So what does a sniff show on the lan of pfsense - does it show it sending the traffic?  Does dd-wrt answer?  Looks like not answering to me.

                      An intelligent man is sometimes forced to be drunk to spend time with his fools
                      If you get confused: Listen to the Music Play
                      Please don't Chat/PM me for help, unless mod related
                      SG-4860 24.11 | Lab VMs 2.8, 24.11

                      1 Reply Last reply Reply Quote 0
                      • K
                        killmasta93
                        last edited by

                        o snap i think your right..i just tried port 22 i unchecked pfSense ssh to test the port then I tick ssh then open the port it worked. Hmm…howcome ddwrt not answering? well..worst case just create a vpn and connect to ddwrt

                        THANKS :)

                        Tutorials:

                        https://www.mediafire.com/folder/v329emaz1e9ih/Tutorials

                        1 Reply Last reply Reply Quote 0
                        • C
                          cmb
                          last edited by

                          The connections are in time wait, which means they were successful at the TCP level bidirectionally, so your port forwards are fine. I presume that's the web interface of the DDWRT, what did you see in a browser trying to browse to :8080 on your IP from outside?

                          1 Reply Last reply Reply Quote 0
                          • K
                            killmasta93
                            last edited by

                            i think i need to play with some iptables in ddwrt to make it listen on that port because WAN is disabled on ddwrt

                            Tutorials:

                            https://www.mediafire.com/folder/v329emaz1e9ih/Tutorials

                            1 Reply Last reply Reply Quote 0
                            • K
                              killmasta93
                              last edited by

                              o snap…port 80 is also ddwrt internally and 8080 wont work because its for the WAN and its disabled.

                              My 2 options are:

                              Change port 80 on pfSense which I really dont want to
                              or
                              find a way to change port 80 on ddwrt
                              OR
                              is it possible two devices running on the same port (80) be able to port forward (maybe crazy idea)  :P

                              Thanks

                              Tutorials:

                              https://www.mediafire.com/folder/v329emaz1e9ih/Tutorials

                              1 Reply Last reply Reply Quote 0
                              • D
                                doktornotor Banned
                                last edited by

                                There's really nothing preventing you from forwarding 8080 -> 80 or whatever. As a generic note, you'd better get HTTPS working everywhere. Sorry but sending firewall/router credentials in plaintext over internet is a very bad practice.

                                1 Reply Last reply Reply Quote 0
                                • johnpozJ
                                  johnpoz LAYER 8 Global Moderator
                                  last edited by

                                  Why anyone would allow public access to their admin gui of anything is beyond me..  If you want to admin dd-wrt while your remote then vpn into pfsense and do it that way.  Then you don't have to forward anything either ;) This is way MORE secure..

                                  An intelligent man is sometimes forced to be drunk to spend time with his fools
                                  If you get confused: Listen to the Music Play
                                  Please don't Chat/PM me for help, unless mod related
                                  SG-4860 24.11 | Lab VMs 2.8, 24.11

                                  1 Reply Last reply Reply Quote 0
                                  • K
                                    killmasta93
                                    last edited by

                                    Thanks johnpoz and doktornotor your completely right. Its better though VPN i guess i got used to ddwrt for a while didn't want to let it go.  :P Just trying to adapt more to pfSense now  :)

                                    Thank you again

                                    Tutorials:

                                    https://www.mediafire.com/folder/v329emaz1e9ih/Tutorials

                                    1 Reply Last reply Reply Quote 0
                                    • First post
                                      Last post
                                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.