"
Hello.
I hope this is the right forum to ask about this, but if not, please let me know where the right place is.
I have just installed opnsense on a machine, and I am trying to figure out how the port forwarding works.
I have the ports I need to access from the outside opened up. I have a question regarding this however.
I have a NGINX reverse proxy running on the network, where I with my old router could access this just fine from the internal network as well as the outside. Why can't I do that on opnsense?
If I check my firewall log, I see the following:
So to me it looks like it hits the anti lockout rule by default.
I have then tried to enable "Reflection for port forwards" in Firewall-Settings-Advanced, which does change the log entry a little:
That does look better in my eyes, but unfortunately it still doesn't work. The nginx logs doesn't have anything, so I would say the request still dies at the firewall.
Does anyone have a clue to what I am doing wrong?
I hope this is the right forum to ask about this, but if not, please let me know where the right place is.
I have just installed opnsense on a machine, and I am trying to figure out how the port forwarding works.
I have the ports I need to access from the outside opened up. I have a question regarding this however.
I have a NGINX reverse proxy running on the network, where I with my old router could access this just fine from the internal network as well as the outside. Why can't I do that on opnsense?
If I check my firewall log, I see the following:
Code Select
192.168.1.237:38190 public-ip:443 tcp anti-lockout ruleSo to me it looks like it hits the anti lockout rule by default.
I have then tried to enable "Reflection for port forwards" in Firewall-Settings-Advanced, which does change the log entry a little:
Code Select
192.168.1.237:38228 192.168.1.40:443 tcp let out anything from firewall host itselfThat does look better in my eyes, but unfortunately it still doesn't work. The nginx logs doesn't have anything, so I would say the request still dies at the firewall.
Does anyone have a clue to what I am doing wrong?
