Port Forwarding under Double NAT (with DMZ) not working

[maxzer0]

Hello!

I've recently setup a OPNSense box with two 10 gbit interfaces.

I've got a router that does not support bridge mode from a provider, that is unchangeable.

So I've given the OPNSense box a permanent DHCP IP and gave it DMZ rights.

The current network setup looks like this:

Routerbox: 192.168.0.0/16
OPNSense router: 172.16.0.0/12

Routerbox (Set OPNSense box as DMZ host) -> OPNSense box -> Webserver

I've tried to port-forward the Webserver using the traditional method but whenever i've tried to port-check the external ip, the connection is refused and there's nothing written in the logs. I have tried several guides since then but they've all failed me so far. I've been reading that it is not possible, so my question is, what am i doing wrong and if it is possible, can you please tell me how to do it?

[wordsmith]

A couple of suggestions for troubleshooting:

Remove the OPNsense box and hook up your webserver directly to your modem/router:
- If you can reach your webserver now, then it might be of some use to post your OPNsense rule configurations
- If you still can't reach your webserver, then you will want to troubleshoot another variable like:
   - Is your ISP blocking any ports? you could get in touch with them and ask about the situation regarding self-hosting
   - Is your webserver running an active firewall?