Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Can't forward port 80.

    Scheduled Pinned Locked Moved NAT
    4 Posts 2 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Z
      zeedarn
      last edited by

      I have 3 network interfaces.
      1LAN
      1WAN
      1OTP

      HTTP(Apache) is on OTP
      LAN/WAN is supposed to be able to access the server on port 80.
      I can access it from LAN (Same subnet/iprange)
      I can not access it from my external IP.
      Webgui has been changed to port 9090.
      This issue is ONLY on PfSense. It works fine with my other routers. ISP does Not block.
      I've tried all configs I can think of, all from destination IP's ports, to trying other ports. I cant even seem to get any port open at all.
      I.E The openVPN autoconfig for firewall does not seem to open up ports.
      It all works from LAN->OTP1.
      LAN1 ip range is 172.20.1.1 to 172.20.9.254
      OTP1 ip range is 172.23.1.1 to 172.23.19.10
      Server ip is 172.23.19.10 apache port is 80. HTTPS is NOT on.
      I just cant think of anything else to try.. Idéas?<3 :-*
      Thanks in advance. Configuration pictures below.



      1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator
        last edited by

        "I just cant think of anything else to try.. I"

        did you go through the basic troubleshooting steps?
        https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting

        You mention other routers?  So pfsene gets public IP on its wan??  When you connect it?  OR is it behind nat?  A simple sniff as in the doc shows exactly what is happening in like 20 seconds..

        For starters your first rule is completely WRONG because it has a source port of 80… So that is wrong..  Source port sure is not going to be 80.

        You sure your alias is correct??  Your actually testing from outside right, and not expecting nat reflection to work??

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        1 Reply Last reply Reply Quote 0
        • Z
          zeedarn
          last edited by

          @johnpoz:

          "I just cant think of anything else to try.. I"

          did you go through the basic troubleshooting steps?
          https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting

          You mention other routers?  So pfsene gets public IP on its wan??  When you connect it?  OR is it behind nat?  A simple sniff as in the doc shows exactly what is happening in like 20 seconds..

          For starters your first rule is completely WRONG because it has a source port of 80… So that is wrong..  Source port sure is not going to be 80.

          You sure your alias is correct??  Your actually testing from outside right, and not expecting nat reflection to work??

          Hey, I found out the issue. I dont know how or why, but when I type in my external IP address in the addressfield it does not work, not from WAN or local. However, when i type in my DDNS name it works. Thanks for the help on the rule that was wrong. :)
          Do you have any idea why I can connect using the ddns? (dyndns.org) but not my external ip?
          This is on both my phone and laptop.

          1 Reply Last reply Reply Quote 0
          • johnpozJ
            johnpoz LAYER 8 Global Moderator
            last edited by

            because your website is using host headers maybe and doesn't display anything if you go to the IP?

            Your ddns is using the correct IP, and your typing in the wrong IP?

            Trying to hit your public IP from inside lan would require nat reflection to be setup?

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.