Can't forward port 80.



  • I have 3 network interfaces.
    1LAN
    1WAN
    1OTP

    HTTP(Apache) is on OTP
    LAN/WAN is supposed to be able to access the server on port 80.
    I can access it from LAN (Same subnet/iprange)
    I can not access it from my external IP.
    Webgui has been changed to port 9090.
    This issue is ONLY on PfSense. It works fine with my other routers. ISP does Not block.
    I've tried all configs I can think of, all from destination IP's ports, to trying other ports. I cant even seem to get any port open at all.
    I.E The openVPN autoconfig for firewall does not seem to open up ports.
    It all works from LAN->OTP1.
    LAN1 ip range is 172.20.1.1 to 172.20.9.254
    OTP1 ip range is 172.23.1.1 to 172.23.19.10
    Server ip is 172.23.19.10 apache port is 80. HTTPS is NOT on.
    I just cant think of anything else to try.. Idéas?<3 :-*
    Thanks in advance. Configuration pictures below.




  • LAYER 8 Global Moderator

    "I just cant think of anything else to try.. I"

    did you go through the basic troubleshooting steps?
    https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting

    You mention other routers?  So pfsene gets public IP on its wan??  When you connect it?  OR is it behind nat?  A simple sniff as in the doc shows exactly what is happening in like 20 seconds..

    For starters your first rule is completely WRONG because it has a source port of 80… So that is wrong..  Source port sure is not going to be 80.

    You sure your alias is correct??  Your actually testing from outside right, and not expecting nat reflection to work??



  • @johnpoz:

    "I just cant think of anything else to try.. I"

    did you go through the basic troubleshooting steps?
    https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting

    You mention other routers?  So pfsene gets public IP on its wan??  When you connect it?  OR is it behind nat?  A simple sniff as in the doc shows exactly what is happening in like 20 seconds..

    For starters your first rule is completely WRONG because it has a source port of 80… So that is wrong..  Source port sure is not going to be 80.

    You sure your alias is correct??  Your actually testing from outside right, and not expecting nat reflection to work??

    Hey, I found out the issue. I dont know how or why, but when I type in my external IP address in the addressfield it does not work, not from WAN or local. However, when i type in my DDNS name it works. Thanks for the help on the rule that was wrong. :)
    Do you have any idea why I can connect using the ddns? (dyndns.org) but not my external ip?
    This is on both my phone and laptop.


  • LAYER 8 Global Moderator

    because your website is using host headers maybe and doesn't display anything if you go to the IP?

    Your ddns is using the correct IP, and your typing in the wrong IP?

    Trying to hit your public IP from inside lan would require nat reflection to be setup?


Log in to reply