Messages

1

General Discussion / Re: Unable to Port Forward SSH to LAN from WAN. WAN to Firewall SSH is OK.

« on: March 26, 2021, 06:38:39 pm »

Did you create an associated allow rule on your WAN interface that allows TCP to port 22 for 192.168.1.125?

I did. Think I found my problem though, sort of.

Switched to another SSH machine/ip and that works so my problem must be with the .125 itself.

I'll consider this solved for now or at least not an OPNsense problem.
Another lesson learned

2

General Discussion / [solved] Unable to Port Forward SSH to LAN from WAN. WAN to Firewall SSH is OK.

« on: March 26, 2021, 05:24:54 pm »

Using this HowTo: https://forum.opnsense.org/index.php?topic=13453.msg61952#msg61952

For reference, HTTP/HTTPS is working ok from outside using Port Forwarding.

SSH is what I'm having problems with from 'outside'.

I changed Firewall SSH to 2222 and can access from outside with a port forward setting of:
Interface: WAN
Proto: any
Source Address: any
Ports: any
Destination Address: WAN address
Ports: 2220
NAT IP: 192.168.1.1
Ports: 2222

I also have SSH running at 192.168.1.125.
Changing the last 3 from above to:
Ports: 2220
NAT IP: 192.168.1.125
Ports: 22

...gives a connection timeout. SSH to same server from inside connects ok.

Have tried with Firewall SSH disabled but it made no difference.
Have also tried adding a floating rule, but probably not correctly.

What am I missing?

3

General Discussion / Re: Transitioning to OPNsense. Hoping for temp usage of 2 firewalls on same LAN

« on: March 24, 2021, 06:23:37 pm »

Thank you Bart.

4

General Discussion / Transitioning to OPNsense. Hoping for temp usage of 2 firewalls on same LAN

« on: March 24, 2021, 02:56:46 am »

My current setup is PublicIP182-->Cyberoam-->192.168.2.0/24 (CyberoamIP .251)

I have a new PublicIP50-->OPNsense-->hopefully also to 192.168.2.0/24 (OpnsenseIP .1)
DHCP server is OFF for OPNsense as the Cyberoam has it ON)

Webserver is on 192.168.2.6 and works correctly, with PublicIP182 and the Cyberoam.

What I was hoping is that I could ease myself into OPNsense by getting web access with PublicIP50, by port forwarding to 192.168.2.6 as well.

I get a "connection timed out" error.

Am I trying the impossible?

5

General Discussion / Re: Migrating to OPNsense from Cyberoam - Have problem forwarding web service

« on: March 24, 2021, 02:39:13 am »

Started with a factory default and port forwarding works as it should.

Guess the problem is that I'm trying to do the impossible, perhaps.
I'll start another thread on that.

6

General Discussion / Migrating to OPNsense from Cyberoam - Have problem forwarding web service

« on: March 23, 2021, 03:48:47 am »

I just want to confirm that all I need to set up is Firewall-->NAT--Port Forward ?

What I mean is that other needed rules are OPNsense generated?
Or do I need to create rule in Firewall--> Rules as well?

My setup us simple, static IP to bridged cable modem and a single class C as the NAT.
I have ping setup ok (using for now) and can ping the public IP.
Using OPNsense 21.1.3_3

No luck getting HTTP/HTTPS to the private IP of my web server though.
I moved the OPNsense web server to a different port.

My next trial & error step is to delete all routing related entries and start from scratch, short of a complete re-install.

I have been searching for a simple how-to to forward for web services but have not found any so have always had to 'adjust', which obviously I'm not doing correctly.