Rules for use Torrent service

[bartjsmit]

Firewall, Log Files, Live View

Bart...

[balubeto]

This is my current configuration:












The next two images represent the various port blocks:




How come? Is this normal?

While these images show the block of port 36603 analyzed by the service https://www.grc.com that reports the status Stealth on this port:




So, how do I remove all these blocks so that I can use the Torrent network without any problems?

Thanks

Bye

[balubeto]

Anybody understand what I'm doing wrong?

Thanks

Bye

[balubeto]

Can you help me solve this problem?

Thanks

Bye

[balubeto]

I have noticed that, when I create and apply the Torrent rule, an error appears (see attachment). Where am I wrong?

Thanks


Bye

[balubeto]

Help!!!

[MrB]

You could start by trying with actual port number & ip instead of aliases and see if that makes any difference.

[balubeto]

Now, no error appears but, when I check the port, the Internet service indicates that its status is closed. How come?


Thanks


Bye

[balubeto]

So, how do I open the ports? In other words, why doesn't my NAT rule, which should open the Torrent port, work?

Thanks

Bye

[Ciprian]

I don't know, sorry... It seems to be fine, but it isn't... Even your PC firewall might be interfering, or even the modem, if the bridge mode is not quite a bridge... I don't really know.

It's difficult to find an answer having jut bits, and just from one single link in the chain.

[balubeto]

There is no firewall enabled on the LAN computers.

The VDSL2 router should be set up correctly in Bridge mode because, a few months ago, I had a firewall hardware with pfSense and I did not have this problem. How come?

One thing I never understood: If I turn off NAT on the router, I can no longer access the Internet from the LAN computers. This happens with the old and the new firewall hardware. How come?

With OPNSense, is it possible to configure it so that it also acts as a full NAT for the entire LAN so that I can completely disable the router's firewall?

Thanks

Bye

[balubeto]

Anybody still want to help me?

Thanks

Bye

[Ciprian]

There is no firewall enabled on the LAN computers.

The VDSL2 router should be set up correctly in Bridge mode because, a few months ago, I had a firewall hardware with pfSense and I did not have this problem. How come?

I never used pfSense, but I have a NAS (FreeNAS) and multiple services (like FTP) and plugins (like Transmission - a torrent client, Plex, Emby, NextCloud etc.) behind OPNsense and everything works like a charm accessed from both LAN and from WAN. I so conclude that your problem is not a "works with that, but not with this" problem.

One thing I never understood: If I turn off NAT on the router, I can no longer access the Internet from the LAN computers. This happens with the old and the new firewall hardware. How come?

A very expected behavior: your IPs set for LAN are not routable, so you can't access internet without a NAT device.

With OPNSense, is it possible to configure it so that it also acts as a full NAT for the entire LAN so that I can completely disable the router's firewall?

OPNsense already does that, full NAT, but NAT is a FW function. Can't really turn off FW, in it's entirety, without turning off NAT. There are settings and/ or rules for completely "avoiding" one or the other (as in, allow everything from anywhere to anywhere, and/ or translate everything from this WAN address to this LAN address, or the other way around, or no NAT at all), but otherwise you either have it as a router only, or as a router + FW (and with or without NAT).

I say it again: without directly seeing every link in the chain, every device on the path of your internet connection, I declare myself unable to help.

I truly hope you'll figure it out.
A good day to you!

[balubeto]

How do I enable the OPNSense NAT to make the dynamic IP, provided by my ISP, routable for the LAN? In other words, I would like to disable the NAT of the VDSL2 router using this Internet service with the computers on the LAN.

Thanks

Bye

[bartjsmit]

Enable bridge mode in your router/modem configuration. If it doesn't offer it, look for one that does (e.g. https://www.draytek.co.uk/products/business/vigor-130)

Bart...