Messages - hwitten

#1
Quote: Did you create an associated allow rule on your WAN interface that allows TCP to port 22 for 192.168.1.125?

I did. Think I found my problem though, sort of.

Switched to another SSH machine/ip and that works so my problem must be with the .125 itself.

I'll consider this solved for now or at least not an OPNsense problem.
Another lesson learned :)
#2
Using this HowTo: https://forum.opnsense.org/index.php?topic=13453.msg61952#msg61952

For reference, HTTP/HTTPS is working ok from outside using Port Forwarding.

SSH is what I'm having problems with from 'outside'.

I changed Firewall SSH to 2222 and can access from outside with a port forward setting of:
Interface: WAN
Proto: any
Source Address: any
Ports: any
Destination Address: WAN address
Ports: 2220
NAT IP: 192.168.1.1
Ports: 2222

I also have SSH running at 192.168.1.125.
Changing the last 3 from above to:
Ports: 2220
NAT IP: 192.168.1.125
Ports: 22

...gives a connection timeout. SSH to same server from inside connects ok.

Have tried with Firewall SSH disabled but it made no difference.
Have also tried adding a floating rule, but probably not correctly.

What am I missing?
#4
My current setup is PublicIP182-->Cyberoam-->192.168.2.0/24 (CyberoamIP .251)

I have a new PublicIP50-->OPNsense-->hopefully also to 192.168.2.0/24 (OpnsenseIP .1)
(DHCP server is OFF for OPNsense as the Cyberoam has it ON)

Webserver is on 192.168.2.6 and works correctly, with PublicIP182 and the Cyberoam.

What I was hoping is that I could ease myself into OPNsense by getting web access with PublicIP50, by port forwarding to 192.168.2.6 as well.

I get a "connection timed out" error.

Am I trying the impossible?

#5
Started with a factory default and port forwarding works as it should.

Guess the problem is that I'm trying to do the impossible, perhaps.
I'll start another thread on that.
#6
I just want to confirm that all I need to set up is Firewall-->NAT-->Port Forward?

What I mean is that other needed rules are OPNsense generated?
Or do I need to create a rule in Firewall-->Rules as well?

My setup is simple, static IP to bridged cable modem and a single class C as the NAT.
I have ping setup ok (using for now) and can ping the public IP.
Using OPNsense 21.1.3_3

No luck getting HTTP/HTTPS to the private IP of my web server though.
I moved the OPNsense web server to a different port.

My next trial & error step is to delete all routing related entries and start from scratch, short of a complete re-install.

I have been searching for a simple how-to to forward for web services but have not found any so have always had to 'adjust', which obviously I'm not doing correctly.