16
General Discussion / [Solved]Port forward behind ISP Router
« on: June 26, 2018, 07:34:28 pm »
Hi, since I've tried numerous how-to also can't search for solution yet, I decided to starting a new thread in hope someone in the same boat with solution can bring some light.
I'm having a very hard time trying to get a simple web server to be accessible outside my network(for testing purposes) through No-IP/Port forward, I will post brief setup of my current network in hope to get some advice if I am doing something wrong on my end, before I consider to call my ISP in which is very slow wen it comes to customer support unfortunately.
Lets start with my setup and what I'm trying to accomplish for reference, my setup is as follow:
ISP/Locked Router/DHCP WiFi/AP/Bridge Switch/Unmanaged Wired
[Ubiquiti Wireless Radio]----->[OPNsense 18.1.10]----->[Netis WF2419]----->[ PowerConnect 2808]----->[Clients]
HERE is an image of the above network setup/diagram.
My Web server in question is a simple Apache server running on my FreeBSD file server and currently accessible locally with the IP: 192.168.1.xxx:8080, OPNsense is handling all the Unbound DNS, DHCP and DDNS with my No-IP account, the DynDNS plugin is currently working and cached my outside WAN IP address and is reflected in the No-IP website as expected, now the odds are coming.
I configured port forwarding for the Apache IP/port as follows:
<Source>
[IF=WAN]--[Proto=TCP]--[Address=*]--[Ports=*]
<Destination>
[Address=LAN Address]--[Ports=*]
<NAT>
[NAT=192.168.1.xxx]--[Ports=8080]
My DNS Servers are as follow:
#1: 208.67.222.222
#2: 208.67.220.220
#3: 192.168.1.1
Allow DNS server list to be overridden = Unchecked
Do not use the DNS Forwarder/Resolver = Unchecked
A further test I performed under Windows "nslookup" returned also the following:
> myhostname.ddns.net
Server: opnsense.localdomain
Address: 192.168.1.1
Non-authoritative answer:
Name: myhostname.ddns.net
Address: 104.238.xxx.xxx (WAN IP)
>
Overall with this setup, I can access my specified "myhostname.ddns.net" and I'm redirected to external WAN which is working fine, but the port forward is not redirecting to internal Apache target IP/port for some reasons, in either default port 80 nor with 8080 etc, additionally every port tester I've used say Port not open and others say Connection refused.
I really apologize for my rather messy post and I hope to get some advice from experienced OPNsense users regarding port forward behind a locked ISP router, oh and really sorry for my English.
Regards
I'm having a very hard time trying to get a simple web server to be accessible outside my network(for testing purposes) through No-IP/Port forward, I will post brief setup of my current network in hope to get some advice if I am doing something wrong on my end, before I consider to call my ISP in which is very slow wen it comes to customer support unfortunately.
Lets start with my setup and what I'm trying to accomplish for reference, my setup is as follow:
ISP/Locked Router/DHCP WiFi/AP/Bridge Switch/Unmanaged Wired
[Ubiquiti Wireless Radio]----->[OPNsense 18.1.10]----->[Netis WF2419]----->[ PowerConnect 2808]----->[Clients]
HERE is an image of the above network setup/diagram.
My Web server in question is a simple Apache server running on my FreeBSD file server and currently accessible locally with the IP: 192.168.1.xxx:8080, OPNsense is handling all the Unbound DNS, DHCP and DDNS with my No-IP account, the DynDNS plugin is currently working and cached my outside WAN IP address and is reflected in the No-IP website as expected, now the odds are coming.
I configured port forwarding for the Apache IP/port as follows:
<Source>
[IF=WAN]--[Proto=TCP]--[Address=*]--[Ports=*]
<Destination>
[Address=LAN Address]--[Ports=*]
<NAT>
[NAT=192.168.1.xxx]--[Ports=8080]
My DNS Servers are as follow:
#1: 208.67.222.222
#2: 208.67.220.220
#3: 192.168.1.1
Allow DNS server list to be overridden = Unchecked
Do not use the DNS Forwarder/Resolver = Unchecked
A further test I performed under Windows "nslookup" returned also the following:
> myhostname.ddns.net
Server: opnsense.localdomain
Address: 192.168.1.1
Non-authoritative answer:
Name: myhostname.ddns.net
Address: 104.238.xxx.xxx (WAN IP)
>
Overall with this setup, I can access my specified "myhostname.ddns.net" and I'm redirected to external WAN which is working fine, but the port forward is not redirecting to internal Apache target IP/port for some reasons, in either default port 80 nor with 8080 etc, additionally every port tester I've used say Port not open and others say Connection refused.
I really apologize for my rather messy post and I hope to get some advice from experienced OPNsense users regarding port forward behind a locked ISP router, oh and really sorry for my English.
Regards