OPNsense Forum
English Forums => General Discussion => Topic started by: DLBaker on June 30, 2019, 08:40:04 am
-
Howdy Y'all,
I am having a bear of a time trying to port forward port 873 for a tnas backup *without ssh*
I have watched TCPdump on both interfaces on the opnsense firewall simultaneously. It never hits the internal NIC despite port forward rules and the client receives an ssh connection string.
Can someone help me find out why Opnsense is accepting connections on port 873 and presenting SSH to the client?
Note:
I am aware of the security implications, I am restricted by the capabilities of the device in another state and intend to lock the accept rule to the source IP. Nothing else is an option.
-
Hi and huh,
> Can someone help me find out why Opnsense is accepting connections on port 873 and presenting SSH to the client?
We don't do rsync, so having rsync port respond with SSH sounds like a port forward unless SSH on the box was configured for port 873. Both of which are configuration-related.
Or I am simply unable to understand your question. :/
Cheers,
Franco
-
As much as I would love to delete this post and pretend it didn't happen I might at least make it educational for someone else.
TIL : When using custom ports; Destination port range {from:to} must be filled in. Or the ANY will match the first rule and take your connection to that target IP and target port.
Thank you for responding so quickly. Suggesting port forwarding was the catalyst for trying an ssh connection on port 873 and seeing where I landed. :p
Thank You !
-
Hi there,
No worries. :)
Cheers,
Franco