This is driving me up the wall.
We have an old CentOS 7.3 server. We have 2 x SMP Forums running on it and a Welcome webpage.
It's worked for years and has never been updated.
We have a /29 network and we use xxx.xxx.xxx.57 as a Gateway and 58,59,60,61, and 62 are available. We only used 58 and 59. 58 is the old CentOS server and 59 is our mail server.
We use the OPNsense Firewall and the centos box does shftp, and the 2 Forums with Letsencrypt SSL certs. It works perfectly.
After installing a new Alma server, we cloned setup a new Virtual IP for xxx.xxx.xxx.60.
Setup an alias for Alma server (cloned centos and changed the necessary)
Cloned the Port forwarding from centos and changed the necessary.
Closed the Centos WAN rules and changed the necessary.
Copied the two Forums over to the same locations, copied the /etc/httpd/conf.d files for the Forums
Time to change the DNS. We have our own DNS servers. Entered the new server and internal address xxx.xxx.xxx.213 (the old one was 203).
Because we host a sub-domain of the main domain (on a hosting site) in our office, we use Dynu to handle the sub-domain DNS. Added the new server, took out the centos and entered xxx.xxx.xxx.60 for the 2 x forums and the www page. IDENTICAL to the centos, just IP addresses different.
It's all gotta work, no?
Right, NO it doesn't.
I can ping xxx.xxx.xxx.60 from my workstation, from in the Alma server, no problem
If I try http://xxx.xxx.xxx.60 from any PC or from the Alma box. It times out.
I try to telnet to 80, 443, 20, 21, SSH (all these ports are configured on the OPNsense EXACTLY the same as the centos). NOTHING, NADA.
Now for the fun part. If I start the old centos server. NOW I can telnet and get the apache page when I type http://xxx.xxx.xxx.60.
WTF am I doing wrong? It MUST be the firewall. I've checked the firewall is setup on Alma EXACTLY the same as centos. SELinux is disabled (I hate it).
Can anyone out there help?
No Logs on the Firewall from your Client? Tracert? Nslookup? Iptables on the Server?
IProute on the Server?
Wireshark to see if the traffic comes to your firewall or to the server?
I just want to get this straight. As a complete newbie to OPNsense, I run into a problem.
I post a cry for help :
Help needed for a problem with Port Forwarding
« on: July 21, 2022, 06:40:42 pm »
My site is down, I'm getting nowhere fast.
SIXTEEN days later, I get a response. I'm really surprised that anyone bothered. Beginners on this site seem to be ignored. My other three questions are still totally ignored.
In the meantime, I had to look for help from other Linux sites, who, like me, were pretty surprised at the great support from OPNsense, if the question happens to be a beginner's. Anything complex seems to attract a flurry of answers within hours.
What a great way to attract new users. I have to be honest, OPNsense support is the worst so far that I have come across, even including Microsoft.
Why do you have no Pro Support?
Because I'm 81 on a pension and I can't afford it. Why have a Forum to help people if you only help people who have already installed it and don't care about the 'newbies'?
I have other questions, but asking anything on here is a waste of time. I get better response from users on other forums that have nothing to do with OPNsense.
Quote from: Mikheil on August 13, 2022, 10:04:12 PM
Because I'm 81 on a pension and I can't afford it. Why have a Forum to help people if you only help people who have already installed it and don't care about the 'newbies'?
I have other questions, but asking anything on here is a waste of time. I get better response from users on other forums that have nothing to do with OPNsense.
Umm, you didn't even ask a question here.
I think you'll find when you post a problem specific to OPNsense the community does tend to swarm. However, from what I can tell, your issue described is not OPNsense specific and is very much just basic networking.
Addressing your issue specifically would need much more detail. It's great that you articulated the "process" you went through, but it doesn't give context as to what the rules look like. You simply abridged that and presented it as we should just assume you did them correctly.
But this statement is very telling..."If I try http://xxx.xxx.xxx.60 from any PC or from the Alma box. It times out."
If you tried port 80, via the SAME box it's hosted on and it times out, you don't have an OPNsense problem. You have a host problem. Check the Alma firewall.
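An added example, not part of any post in this thread: a small Python check for the reasoning in the reply above, run once on the server itself and once from another machine. The port list comes from the original post; the function names, the loopback address and the interpretation strings are this example's own assumptions.

```python
import errno
import socket

# Ports named in the original post: HTTP, HTTPS, FTP control, SSH.
PORTS = (80, 443, 21, 22)

def probe(host, port, timeout=3.0):
    """Try one TCP connect and classify how it ended."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"          # handshake completed: something is listening
    except socket.timeout:
        return "timeout"       # SYN unanswered: dropped or never delivered
    except ConnectionRefusedError:
        return "refused"       # RST came back: host reached, no listener
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "unreachable"
        return "error"
    finally:
        sock.close()

def interpret(local, remote):
    """Combine a probe made on the server with one made from another machine."""
    if local != "open":
        return "host: service not listening on this address, or host firewall"
    if remote == "open":
        return "ok: service reachable from both sides"
    if remote == "refused":
        return "path: traffic reaches a host with no listener on that port"
    return "path: filtered between client and server (host or upstream firewall)"

if __name__ == "__main__":
    # 127.0.0.1 is an assumption; repeat with the server's internal address.
    for port in PORTS:
        print(port, probe("127.0.0.1", port))
```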
Quote from: HankM on August 06, 2022, 09:45:34 PM
I just want to get this straight. As a complete newbie to OPNsense, I run into a problem.
I post a cry for help :
Help needed for a problem with Port Forwarding
« on: July 21, 2022, 06:40:42 pm »
My site is down, I'm getting nowhere fast.
SIXTEEN days later, I get a response. I'm really surprised that anyone bothered. Beginners on this site seem to be ignored. My other three questions are still totally ignored.
In the meantime, I had to look for help from other Linux sites, who, like me, were pretty surprised at the great support from OPNsense, if the question happens to be a beginner's. Anything complex seems to attract a flurry of answers within hours.
What a great way to attract new users. I have to be honest, OPNsense support is the worst so far that I have come across, even including Microsoft.
Please post screenshots of your PORT FORWARD NAT and your WAN firewall rules so we can see what you have set.
OPNsense most certainly does work.