A VPN port forwarding query with IPv6 complications



  • Hi all, an appeal for help here

    I have a happily working VPN setup as sketched below, most LAN traffic is sent via firewall rule through the UK VPN but I have one computer going out through the Iceland VPN for torrents.  There is also a killswitch rule in place to stop any LAN traffic going out directly through the WAN in case the VPNs go down.  I've stuck the relevant screenshots here http://imgur.com/a/iZOwd

    r  WAN <<<  Iceland-VPN Gateway <<<< 192.168.1.248
    Modem<<< WAN <<<  UK-VPN Gateway        <<<< All other LAN IPs
                    L  WAN xxx                                      xxxx  All LAN traffic

    My issue is with trying to forward port 62465 through to the PC at 192.168.1.248, should be easy no?  My VPN provider has opened the port on their end and I have put in the standard NAT / firewall port forwarding rules as shown in all the guides (e.g. https://forum.pfsense.org/index.php?PHPSESSID=abrc6pfhe8v2r8edhundre6dh0&topic=61656.0) but I'm having no luck actually getting through.

    I'm logging the port forwarding firewall rule and as the screenshot shows, there are a load of blocked connections from what I'm guessing is the pc on 192.68.1.248, it says the "default drop all IPv6 traffic" rule is blocking them but I don't have a default drop all IPV6 rule afaik and why is IPv6 being used at all?

    Can anyone help, I've been banging my brain against this wall for a while now, do I need firewall tweaks, NAT / NAT reflection tweaks or a f**king hammer?!

    Thanks pfsense gurus, any help or leads would be greatly appreciated



  • Hi

    What you want is to redirect the port 62465 coming from WAN to 192.168.1.248?



  • Hiya, thanks for replying

    Yes but won't the traffic appear to be coming in through the VPN gateway, not the WAN?  I want to forward / redirect the external port on the gateway the traffic is coming from through to 192.168.1.248, just like you would on a normal home router but in this case there's a VPN involved….  Does this make sense?  Thanks again



  • BUMP

    I know this is a boring as hell query but the good karma would surely be worth it, I'm dying here…  Thanks


Log in to reply