OPNsense Forum

Archive => 19.7 Legacy Series => Topic started by: jcdick1 on September 06, 2019, 01:55:14 am

Title: "Forwarding" a port directly to OPNsense
Post by: jcdick1 on September 06, 2019, 01:55:14 am
I am trying to get a reverse proxy running on OPNsense, but I need to point 80 and 443 on the WAN interface to it.  I currently have two WAN firewall rules that are simply Source: WAN IP and Destination This Firewall for port ranges HTTP and HTTPS.

I just get timeouts when I attempt to connect from outside my home network.

Any help would be appreciated.
Title: Re: "Forwarding" a port directly to OPNsense
Post by: tong2x on September 06, 2019, 02:02:47 am
what is your setup?
do you have a modem before your opnsense server? is it in route or bridge mode?
maybe you can show a network diagram, so it would be faster

to use forwarding, you goto
Firewall->NAT->port forward
Title: Re: "Forwarding" a port directly to OPNsense
Post by: jcdick1 on September 06, 2019, 02:27:15 am
I do have a "modem" before OPNsense, in "passthrough" mode so that the OPNsense WAN interface gets the WAN IP.  Port forwarding to other machines behind OPNsense works just fine.  I just can't seem to get traffic coming in on port 80 or 443 to get to the service running directly on OPNsense.
Title: Re: "Forwarding" a port directly to OPNsense
Post by: banym on September 06, 2019, 10:36:40 am
you can do a packet capture on the WAN interface to check if the packages reach your firewall.
If they do, check your rules on WAN to see if you have incoming traffic for that rules.

If the opnsense itself hosts the reverse proxy you don't need NAT rules you should have only roules on WAN interface to allow incomming.

The service needs to be up and running and you should check if you don't have binding problems.
For example you maybe need to move the administration port to something different than 80 and 443 to be able to use these ports for your reverse proxy.

Regards,

Dominik