Port forwarding through VPN? Bug?

Started by SenseX, January 02, 2026, 07:08:40 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
January 02, 2026, 07:08:40 PM Last Edit: January 03, 2026, 01:45:38 PM by SenseX
I am experiencing an issue with port forwarding over a VPN connection, and it appears that multiple users are encountering the same behavior.

I have a single forwarded port configured through AirVPN. To validate the setup, I tested the configuration using pfSense, based on reports from other users that port forwarding functions correctly in that environment. With identical firewall and NAT rules applied, the forwarded port successfully opens and is reported as reachable.

However, when applying the same port-forwarding and firewall rules in OPNsense, the port remains closed. I have verified that the rules are functionally equivalent and applied to the correct interfaces. Despite this, inbound traffic to the forwarded port does not reach the internal host.

I have found several reports from other users describing the same issue, and after reviewing existing discussions, there does not appear to be a definitive resolution.

Is this a known limitation or bug in OPNsense's VPN/NAT handling, and if so, is there a fix planned?
Additionally, what architectural or implementation differences between pfSense and OPNsense could explain why the same configuration works in pfSense but fails in OPNsense?
January 02, 2026, 07:25:37 PM #1
In the port forward rule, set associated filter rule to none.

Then create your own firewall rule that allows the natted traffic (remember nat matches before firewall, so addresses are already translated when they hit the firewall), and enable the advanced features of the rule, and set reply-to to the vpn interface.
Hardware:
DEC740
January 02, 2026, 07:43:01 PM #2 Last Edit: January 03, 2026, 02:04:19 PM by SenseX
Hi,

Thank you for your reply.
I have already done what you suggested earlier, but unfortunately it did not resolve the issue.

Is there anyone else out there who has managed to fix this?
January 04, 2026, 08:09:21 PM #3
Quote from: SenseX on January 02, 2026, 07:08:40 PMI have a single forwarded port configured through AirVPN.
Which kind of VPN?

Quote from: SenseX on January 02, 2026, 07:08:40 PMDespite this, inbound traffic to the forwarded port does not reach the internal host.
Did you verify this by sniffing the traffic on the destination host or at least on the OPNsense interface, which the server is connected to?
Print
Go Up Pages1
User actions