OPNsense Forum

English Forums => Tutorials and FAQs => Topic started by: Moty_p on January 16, 2023, 11:05:46 pm

Title: problems with Firewall: NAT: Port Forward and VLAN Over VM
Post by: Moty_p on January 16, 2023, 11:05:46 pm

hi all... new here....:)
i have problem with port forward in NAT firewall rules
all the configuration is correct

i have iis server in my network and i have add rule in firewall
i have add the next rule in Firewall: NAT: Port Forward
Interface: wan
TCP/IP Version: ipv4
Protocol: tcp
Destination: wan address
Destination port range: from: http to: http
Redirect target IP: 10.0.0.2
Redirect target port: http
NAT reflection: enable
Filter rule association: rule iis 80

and also i have add the next rule in Firewall: Rules: WAN
Protocol:  IPv4 TCP
Destination: 10.0.0.2
Description:  iis 80

like you can see the config is correct and really in the begin it work
so you can go to my webpage via ddns\ip
but not i have change my isp
so i need to setup a new pppoe dial-up connection
so i have add new Point-to-Point: Devices and change the wan interfaces
i back online ;)

since then the Port Forward stop work and i can not access my website  :'(
i have try to remove the rule from Firewall: NAT: Port Forward
and do it again but is not solved the problem so
so i don't know what more i need to do....  :'( i have call to my isp to see if there is a block from their side but they said no

also i have problems via vlan over VM
i have setup & config VLAN1:
Enable Interface on
dhcp on
all the correct configuration and yet not work!
so i have install opnsense on my laptop on other ssd and the VLAN IS WORK so
why is not work if it on VM? (Run Hyper-H)

Place help me TY

Title: Re: problems with Firewall: NAT: Port Forward and VLAN Over VM
Post by: bartjsmit on January 17, 2023, 07:32:45 am

It could be that your new ISP uses CGNAT https://en.wikipedia.org/wiki/Carrier-grade_NAT

Browse to https://ifconfig.co and see if the public IP matches that on your firewall.

If you do suffer from CGNAT, you may need to think about alternatives. I've used Cloudflare tunnels in similar situations: https://github.com/cloudflare/cloudflared

Bart...

Title: Re: problems with Firewall: NAT: Port Forward and VLAN Over VM
Post by: Moty_p on February 15, 2023, 02:47:04 pm

i open account and change the Settings in Dynamic DNS to Cloudflare but waht now?

Title: Re: problems with Firewall: NAT: Port Forward and VLAN Over VM
Post by: bartjsmit on February 16, 2023, 08:10:04 am

Try this? There are many YouTube videos as well: https://docs.ibracorp.io/cloudflare-tunnel/

Title: Re: problems with Firewall: NAT: Port Forward and VLAN Over VM
Post by: Moty_p on February 24, 2023, 12:51:03 pm

 Disable web GUI redirect rule is on and active