Port forwarding



  • I'm fighting for a week with port forwarding in pfSense 2.3. Configuration is simple: 2 WAN interfaces with failover (using gateway groups instead of switching default gateway), transparent proxy, Suricata and a few OpenVPN tunnels. I read many tutorials, but virtually all of them relate to pfSense 2.2 and lower.
    I wonder if anyone succeeded to do port forwarding with 2.3 version ?!
    I have no idea what I do wrong, therefore is above question.


  • Rebel Alliance Developer Netgate

    There is nothing different about port forwarding on 2.3.

    What exactly do you have configured and how exactly is it not working?

    I have a test setup for Multi-WAN on 2.3 right now and I can forward ports on both WANs at once.

    Important things to note:
    1. Make sure you have gateways set under Interfaces > WAN, WAN2, and so on if they are static
    2. Do NOT use gateways on WAN firewall rules. Just plain port forward associated rules will do the job



  • Ad.1 It's like you write
    Ad.2 I do not quite understand what you mean. I have two WAN interfaces: Biaman and Orange…in "Firewall/Port Forward" I set two sample rules (see attached PortForward.jpg). Automatically were created associated rules in "Firewall/Rules" (two last lines in FirewallRules.jpg). When I access to http://biamanIP:58602, I can't connect to HTTP Server listen on 10.0.10.100






  • Your config is correct.

    Go through the troubleshooting steps no differently from any other version. You can eliminate common problems #1 assuming your config's still as it was when those screenshots were taken.
    https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting



  • @cmb:

    Your config is correct.

    Go through the troubleshooting steps no differently from any other version. You can eliminate common problems #1 assuming your config's still as it was when those screenshots were taken.
    https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting

    I followed mostly troubleshooting from your link earlier. Mostly, because 10.0.10.100 box is not property of my company and I can't log into it.
    But…I would like to thank jimp and cmb for ensuring me that port forwarding with multi WAN config works in pfSense BETA, thanks to what I began to investigate much deeper and found a "bug" :)
    An hour before I migrated from previous system to pfSense, someone from company supporting that device logged in and changed (probably by mistake) default gateway. From LAN side HTTP server on 10.0.10.100 worked properly, but port forwarding didn't work.
    Because I'm newbie in pfSense I assumed that I configured something improperly :)


Log in to reply