Messages - Guldil

#1
Quote from: _Dave_ on January 22, 2025, 04:38:02 PM
Does UDP port forwarding work? OPNsense is stateful, so if you port forward TCP, the packet state will not match anymore since you are changing the destination port, and it will be silently dropped. The next rule you match the packet on will have to have "state type: none" and "TCP flags: any" to allow it to match the packet. You will need to do this for incoming and outgoing. I made a guide in the Tutorials and FAQ's that may help you, but I didn't explain many things since it was so long already.

Hello Dave,

Thanks a lot, it's working now :)

Looks like I had some trouble with my testing tools; I used netcat in listen mode behind my OPNsense and a PuTTY client directly on VPN IP + Port :)

Now I'll check Part 6 of your guide: https://forum.opnsense.org/index.php?topic=45163.0

#2
As explained, I used a ProtonVPN server that allows Port Forwarding and I followed this guide https://docs.opnsense.org/manual/how-tos/wireguard-client-proton.html and https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html

Browsing from a server configured in the WG_VPN_Hosts alias has access to the Internet through the ProtonVPN tunnel.
From there, it's the port forwarding that doesn't work: I see traffic coming in on the port, but it stays closed.


BondiblueBalls, I've seen your tool but I don't want to use it at the moment; first I want to understand what I missed here...
I had a quick look at the code; the port redirection rule is supposed to be already present in OPNsense.

#3
Hello,

I followed some tutorials:

https://docs.opnsense.org/manual/how-tos/wireguard-client-proton.html
https://protonvpn.com/support/port-forwarding-manual-setup/#wireguard

My tunnel is UP and my test Linux machine is connected through the tunnel.

A "what is my IP" test shows my VPN IP.

But port forwarding is not working. I use natpmpc to get a port mapping, and I add it to OPNsense like a classic NAT rule.

I can see the connection in the log when I try a "remote port check", but it's always closed or times out.

What did I miss?

Thanks

Guldil