Messages

Hi Faunsen,

So I followed your instructions and made a slight change

Client --> firewall WAN_IP:21 --> ftp-proxy 127.0.0.1:21 --> your_local_ftp_server:21 and it worked. For some reason trying 8021 didn't work.

Thanks for your help though!!

Hi,

I am having a problem with this at the moment. I have my port 21 forwarded to my FTP server but I am only able to connect in Active mode via an ftp client, If I try and connect in passive mode, I get a time out error.

I followed this example but that made no difference.
Looking at my logs I cannot see any ports being blocked

Hi All,

Been doing some testing tonight - I am able to connect with an FTP client in active mode but not passive mode.

Hey,

Have my ftp port 21 forwarded to my NAS and a connection can be made but when I try to download, for example a backup, from cPanel via ftp to my NAS a .tmp is created on my NAS but then cpanel tells me the connection timed out.

Using passive mode.

Tried searching documentation but couldn't find anything.

Anyone had this before?



Sent from my SM-G935F using Tapatalk

Ah no my bad,

Port 22 was closed off on the NAS .

Thanks for your help!

Hey Dominik

That seems to have done the job for port 21 but port 22 is still closed checked the settings against the rule for port 21 and there the same, so I'm not sure whats happening there.

Regards
Adam

Hey Dominik,

I have quickly drawn my network setup and attached some screen grabs from NAT > Port Forward and Rules.

It's not a complex setup at all - Obviously I have got something wrong somewhere.

I'm just going to check that when using DMZ that the NAT on the router is switched off. Other than that...I'm at a complete loss.

Regards
Adam

Hi Banym,

Thanks for your message, I have done what you suggested but I still not see the ports open, also still seeing the deny rule appear when scanning the port.

I'm not sure if I have found the possible cause.. When looking under Log Files > Live View in the Column Titles at the top, Interface, Time, Source, Destination ect - Under Destination its listing the IP for the WAN Interface on the Firewall 192.168.0.2, Should that not be listing the IP for the device I'm trying to forward the ports to?

welcome to opnsense, link2019!

please post specifics about the problems you've encountered.  does your opnsense gui report whether or not the WAN interface has been issued a public IP by the D7000v2 or is it a non-routed IP (e.g. 10.x 192.168.x or 172.16.x)?

your setup is not very complex but there may be overlapping functionality you may need to account for--primarily NAT.

Hi firewall thanks for your reply!

I did actually manage to get the firewall working and we now have access.
The netgear assigned a non-routed IP to the WAN 192.168.0.2
I have my router setup to DMZ straight to the WAN address. But I'm having an issue port forwarding. I have read and copied many examples but it seems the port won't open on the outside. 

When I run a port scan from the outside and look at my Logs > Live View I see the port scan run but it's denied

wan      Aug 16 06:14:32   52.202.215.126:34198   192.168.0.2:21   tcp   Default deny rule

I have attached two files showing my config - not sure where I'm going wrong.

Hi Eveyone,

In the past I have used pre-configured software but I felt like turning my hand to something open source / hardware based but I'm having problems.

I got Opnsense 19.7 installed on a 1U rack - has two LAN cards one of which has been picked up as WAN and I can log into the GUI... all seems to be working.

I have a Netgear D7000v2 router and I would like to use Opnsense as my firewall, but I'm having issues with configuration.

Is there anyone that would help me find my way ?

I'm not overly familiar with using WAN ect so I'm just finding myself getting confused within the settings menu.

Hope to speak to someone soon...  :)
Adam