Since upgrading from 24.7 to anything 25.1.x port forwarding does not work (currently on 25.1.3).
I literally upgraded through the GUI, I have not changed any settings within the firewall. All other functions appear to work normally but port forwarding does not.
I do not see any drops in the logs, I have deleted and recreated all NAT and firewall rules to no avail.
Does anyone have a solution, I'd really like to avoid a clean install.
Same here...
I haven't change anything. Just updated from 24.7.12 to 25.1.3
Just 1 port and 1 rule - but I can't ping my device.
Mmh... After i called up the liveview of the firewall, the ping suddenly went through... now it works.
You have a HTTP rule and complain about pinging ? There's no relation between the live view and things passing through the FW.
Plus, you've hijacked Jim's thread. Next time please open your own
Quote from: Jims-Garage on March 12, 2025, 01:33:45 PMI'd really like to avoid a clean install.
Unless you're willing to redo your configuration from scratch - and then do a diff between old and new config - what is a clean install supposed to achieve ? The moment you imported the old config and checked for updates - for the rest of the plugins to be installed - you're back to the same place. There's probably a configuration issue somewhere...but that's all I can say based on the information provided.
Hey newsense.
I already realize that there is no logical dependency between a Firewall Live View and the ping. Nevertheless, I've been testing around all morning with several restarts etc. and the internal ping to my device went through at the exact moment I opened the Live View.
If I've upset you or Jim, I'm sorry.
No worries, it's all good.
Quote from: newsense on March 12, 2025, 03:50:41 PMNo worries, it's all good.
Puh! :-)
However, I do not understand this sentence:
Quote from: newsense on March 12, 2025, 03:26:13 PMYou have a HTTP rule and complain about pinging ?
What's wrong? I have a device that I want to reach from outside and have set up this port forwarding for it. Why shouldn't I ping the device as a test? I would appreciate a brief explanation.
Quote from: newsense on March 12, 2025, 03:33:43 PMQuote from: Jims-Garage on March 12, 2025, 01:33:45 PMI'd really like to avoid a clean install.
Unless you're willing to redo your configuration from scratch - and then do a diff between old and new config - what is a clean install supposed to achieve ? The moment you imported the old config and checked for updates - for the rest of the plugins to be installed - you're back to the same place. There's probably a configuration issue somewhere...but that's all I can say based on the information provided.
Thanks for responding. To rule out something that has corrupted during upgrade perhaps?
Either way, I have bitten the bullet and done a reinstall. That went fine, however, after restoring the config it doesn't work as you stated. Therefore there must be a problem with my configuration file, but it was fine in 24.7.
Guess I'll dig out an old config file and see what happens... Do you have any ideas what might have caused this?
Urghh, it was my DNS record... DynamicDNS broke during the upgrade so my IP was incorrect. It moved by 1 number so I didn't spot it.
Thanks for responding.
Happy to hear you've found the issue.
There were no reports of NAT related issues in the past few weeks, so the only possibilities for corruption would have been an interrupted upgrade - which you would've mentioned or hdd failure...and iirc you're virtualized.
Quote from: emmitt on March 12, 2025, 04:04:05 PMHowever, I do not understand this sentence:
Quote from: newsense on March 12, 2025, 03:26:13 PMYou have a HTTP rule and complain about pinging ?
What's wrong? I have a device that I want to reach from outside and have set up this port forwarding for it. Why shouldn't I ping the device as a test? I would appreciate a brief explanation.
It appears you only have the http rule on the WAN, so there's no way for you to ping the server from the outside and get a response.
I actually am having the exact same issue. I have been port forwarding for years with opnsense. Now with the latest upgrade 25.1.3. My ports are no longer open with no changes other than the upgrade.
Dear all,
I am a longtime opnsense user as well. Since the update to version 25.1.3 my portforwarding does not work any more. I have 2 opnsense firewall machines running in high availabilty mode each running on a virtual machine virtualised by proxmox ve. I cant find anything in the logs so I would be very thankful for any hints on things I can provide or test to help solve the issue.
Thanks in advance.
Please show the details of the port forwarding rules that are not working as expected. Diagnosing any problem without that information is hardly possible.
Hi,
is that what is needed?
Screenshot of port-forwarding
(https://snipboard.io/d1nvNI.jpg)
screenshot of the firewall rules
(https://snipboard.io/T8BEiD.jpg)
What is 192.168.55.80? WAN?
Hey Patrick,
my setup is like this:
internet <-> Fritz!Box <-> OPNSense Cluster (WAN) <-> networks
192.168.55.1 192.168.55.80
on the fritzbox side of things it is like that
(https://snipboard.io/bFehRn.jpg)
Thanks for your support