OPNsense Forum

English Forums => General Discussion => Topic started by: gs44 on March 29, 2022, 11:31:30 PM

Title: Port forward opens port to all devices instead of specified
Post by: gs44 on March 29, 2022, 11:31:30 PM
How come when I open a TCP port with port forwarding to a specific LAN IP it opens the port to ALL LAN IPs on my network?

Same thing happens with UPnP, whatever TCP port it opens, the port is wide open to all IPs.
Title: Re: Port forward opens port to all devices instead of specified
Post by: jp0469 on March 30, 2022, 02:11:37 PM
How exactly are you confirming that the port is open to all IPs? Also, post an example of your port forward rule that is being affected. Can't really answer your question without any evidence or supporting info.
Title: Re: Port forward opens port to all devices instead of specified
Post by: gs44 on March 30, 2022, 11:16:52 PM
I am confirming by going to canyouseeme.org on different computers on my local network and checking the port I am forwarding, and it shows it open on all computers tested.

When I disable the Forward port rule, then canyouseeme.org cannot see the port.

See attachment for the rule I tried

Also, as I said, if UPnP opens a TCP port to a specific internal IP, the same thing happens. The TCP port is open to all internal IPs.



Title: Re: Port forward opens port to all devices instead of specified
Post by: Greelan on March 30, 2022, 11:46:11 PM
Regardless of where you do the check from, that website is just checking that it gets a response on the port from your external IP.

If you gave me your external IP, I would get the same result. Obviously your port forward has nothing to do with my device.
Title: Re: Port forward opens port to all devices instead of specified
Post by: jp0469 on March 31, 2022, 02:16:54 PM
Quote from: gs44 on March 30, 2022, 11:16:52 PM
I am confirming by going to canyouseeme.org on different computers on my local network and checking the port I am forwarding, and it shows it open on all computers tested.

When I disable the Forward port rule, then canyouseeme.org cannot see the port.

See attachment for the rule I tried

Also, as I said, if UPnP opens a TCP port to a specific internal IP, the same thing happens. The TCP port is open to all internal IPs.
Totally expected behavior. The checking site probes the port on your external IP and because of the port forward to the listening client, it reports it as open.

To prove this, turn off the PC that the port is forwarded to or close down the listening service and try again from another PC on your network. You will get a different result.
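
An added illustration, not part of any post in this thread and not OPNsense code: a small Python model of the behaviour described above, where every LAN client leaves through the same WAN address and the forward hands inbound connections to one host only. The addresses, port 8080 and all class and function names are constructed for the example.

```python
from dataclasses import dataclass, field

@dataclass
class Gateway:
    """Constructed model of a NAT router with port forwards (not OPNsense code)."""
    wan_ip: str
    forwards: dict = field(default_factory=dict)   # wan_port -> (lan_ip, lan_port)
    listening: set = field(default_factory=set)    # (lan_ip, port) with a live service

    def public_source(self, lan_ip):
        # Outbound NAT: every LAN client reaches the internet from the same WAN IP.
        return self.wan_ip

    def inbound(self, dst_ip, dst_port):
        # An inbound TCP connection is handed to the one host named in the rule,
        # and only succeeds if that host has a service listening.
        target = self.forwards.get(dst_port) if dst_ip == self.wan_ip else None
        return target[0] if target in self.listening else None

def external_check(gw, from_lan_ip, port):
    """Model of a web port checker: it probes the requester's public address."""
    return gw.inbound(gw.public_source(from_lan_ip), port) is not None

def scenario(rule_enabled=True, service_up=True):
    """Run the check from three LAN PCs; return (result per PC, answering host)."""
    gw = Gateway("203.0.113.10")                   # constructed addresses and port
    target = ("192.168.1.50", 8080)
    if rule_enabled:
        gw.forwards[8080] = target
    if service_up:
        gw.listening.add(target)
    pcs = ["192.168.1.50", "192.168.1.51", "192.168.1.52"]
    results = {pc: external_check(gw, pc, 8080) for pc in pcs}
    return results, gw.inbound(gw.wan_ip, 8080)

if __name__ == "__main__":
    # Rule on and service up: "open" from every PC, yet one host answers.
    # Rule disabled, or target service stopped: "closed" from every PC.
    for kwargs in ({}, {"rule_enabled": False}, {"service_up": False}):
        print(kwargs or "rule on, service up", scenario(**kwargs))
```

The check result is identical from every PC because it depends only on the rule and the target's listener, never on which LAN machine opened the web page.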
Title: Re: Port forward opens port to all devices instead of specified
Post by: gs44 on March 31, 2022, 10:22:25 PM
Smacks self in forehead..

That explains it and I should have known that, thanks for the explanation all!!

So, everything is working as it should.