OPNsense Forum

Archive => 16.7 Legacy Series => Topic started by: stewconsult on September 20, 2016, 11:16:02 pm

Title: 16.7.3 port forwarding
Post by: stewconsult on September 20, 2016, 11:16:02 pm

Just install 16.7.3 on new box...  setup lan and wan interfaces, nest thing I did was setup NAT, port forwarding

I tried using wan DHCP    as well as static WAN  IP    but nothing is working.

I have upstream gateway which is a frontier DSL modem , made subnet /24   on static WAN

I am trying to forward port 8100 which is a management port for an app I use.   I forward frontier modem to wan interface of opnsense, then forward wan to my lan ip, it creates a firewall rule appropriately.

I'm using canyouseeme.org to check for port 8100.... no good.

My normal router works fine  (Mikrotik)

Any ideas?

Title: Re: 16.7.3 port forwarding
Post by: tixe on September 21, 2016, 05:16:28 am

I have the same issue, i want to NAT the MSRDP port (as a test ex) and nothing, Im using the ways that used on m0n0wall but do not work, how work NAT and or por forwarding on OPNsense ?

Regards

Title: Re: 16.7.3 port forwarding
Post by: franco on September 21, 2016, 08:51:52 pm

Try Firewall: Settings: Advanced: check "Disable reply-to on WAN rules".


Cheers,
Franco

Title: Re: 16.7.3 port forwarding
Post by: stewconsult on September 21, 2016, 11:17:32 pm

Thanks. Just reviewed a pfsense doc, it says to use
WAN ADDRESS    as destination  in port forward rule. I thought the opnsense docs said to use LAN ADDRESS

Its working now for me.

Title: Re: 16.7.3 port forwarding
Post by: franco on September 22, 2016, 07:56:57 am

Which OPNsense doc are you referring to? If it's wrong, we should certainly fix it. :)

Title: Re: 16.7.3 port forwarding
Post by: tixe on September 22, 2016, 04:21:41 pm

Franco these option not is for MultiWAN scenario ?

Quote from: stewconsult on September 21, 2016, 11:17:32 pm

Thanks. Just reviewed a pfsense doc, it says to use
WAN ADDRESS    as destination  in port forward rule. I thought the opnsense docs said to use LAN ADDRESS

Its working now for me.

Title: Re: 16.7.3 port forwarding
Post by: tixe on September 22, 2016, 04:22:56 pm

In the NAT option wizar on port forwar you change the NIC destination for LAN address ?

Quote from: stewconsult on September 21, 2016, 11:17:32 pm

Thanks. Just reviewed a pfsense doc, it says to use
WAN ADDRESS    as destination  in port forward rule. I thought the opnsense docs said to use LAN ADDRESS

Its working now for me.

Title: Re: 16.7.3 port forwarding
Post by: tixe on September 22, 2016, 04:32:03 pm

I can not fixit yet, how fix it ?

Title: Re: 16.7.3 port forwarding
Post by: franco on September 22, 2016, 05:27:12 pm

Yes, you are right. If you use Multi-WAN you should try to disable reply-to via the per-rule option in the rules edit screen.

Title: Re: 16.7.3 port forwarding
Post by: stewconsult on September 23, 2016, 03:12:52 pm

I don't see any documentation on setting up a simple port forward in the manual, musty have read in somewhere on google.

Title: Re: 16.7.3 port forwarding
Post by: tixe on September 28, 2016, 08:30:30 pm

So the thing is that we do not know how do a simple port forward, using our knowledge on others firewall platform.

That desire to do the difficult things about OPNsense.

Title: Re: 16.7.3 port forwarding
Post by: QQGOD on November 14, 2016, 07:13:21 am

There is an interesting thing about port forward.

Before check this, the outer port can only be accessed from Ubuntu 16.04.01.
The outer port cannot be accessed from macOS, the TCP ACK packet is sent from WAN interface, but macOS does not receive the TCP ACK packet.

After check this, the outer port can be accessed from all kind of OS.

Quote from: franco on September 21, 2016, 08:51:52 pm

Try Firewall: Settings: Advanced: check "Disable reply-to on WAN rules".


Cheers,
Franco