OPNsense Forum

Archive => 21.1 Legacy Series => Topic started by: rl82 on July 22, 2021, 06:30:56 am

Title: NAT - Port Forwarding - NOT WORKING (Help please) -
Post by: rl82 on July 22, 2021, 06:30:56 am
Good Morning,

I am new to Opnsense and i am facing an issue with port forwarding to a web server in port 81 in LAN.

i am able to reach the web server from internal, any suggestion?

Thank you in advance
Title: Re: NAT - Port Forwarding - NOT WORKING (Help please) -
Post by: rl82 on July 22, 2021, 06:33:09 am
other attachements
Title: Re: NAT - Port Forwarding - NOT WORKING (Help please) -
Post by: rl82 on July 22, 2021, 06:33:25 am
last pic
Title: Re: NAT - Port Forwarding - NOT WORKING (Help please) -
Post by: guest28819 on July 24, 2021, 06:28:13 pm
Hello @rl82,

I used to have the same issue and did the following. It was more of a Application Port Forward but the Basics apply the same. ^^

Under Firewall -> NAT -> Port-Forward -> Setup your Translation
Interface = WAN
TCP/IP Version = Your IP Protocol
Protocol = Your Protocol Type
Destination = WAN address
Destination Port = What to Listen to Port
Redirect target IP = Internal Server
Redirect target Port = Your Binding Port for the Internal-Server
NAT Reflection = If needed!
Filter rule association= Give it a Unique Name

Under Firewall -> NAT -> Outbound
Set the Mode to = Hybrid outbound NAT Rule generation
SAVE!
New Rule = +Add
Interface = WAN
TCP/IP Version = IP Protocol Type
Protocol = Your Protocol
Source Address = Your Internal Server
Source Port = Your Internal Server Binding Port
Destination = ANY
Destination Port = ANY
Translation/target = Interface address
Description = Give it a Unique Name

After all that NAT is Open an all should run fine.

I am no Professional on OPNsense and share my settings that worked for me. If someone has a better solution please correct me because I am willing to learn. :D (Thank you)

Best regards
Val.
Title: Re: NAT - Port Forwarding - NOT WORKING (Help please) -
Post by: rl82 on July 27, 2021, 01:32:11 pm
Hello Valvaris,

thank you for your reply.

I am reading right now your answer. In the meantime i looked on internet and a workaround that worked fine for me was to set DIFFERENT ports between WAN and LAN. In this way the portforwarding work good.

I am now facing another problem with NAT 1:1 Configuration: I am able to reach from WAN Network also the private ip address of the webserver.. How is that possible? Any suggestion?
Thanks