Topic: [Solved] Port Forward to LAN Bridge (Read 4854 times)
ab5g
« on: June 17, 2019, 10:02:56 am »
Hi
Can anyone help me understand why this is not working?
I have a firewall in L3 mode terminating my ISP connection.
I have configured 2 ports on the LAN side which are bridged into a single LAN (192.168.1.0/24) - let's call them LAN1 and LAN2 ports.
On the firewall I have set up a port forward from my external IP:Port to internal IP:Port - added the NAT rule/corresponding firewall rule.
When I try to access a machine on LAN2 port from LAN1 port --> it works.
When I try to access a machine on LAN2 port from WAN port --> doesn't work.
I looked at the live logs and can see the packet from WAN hit the NAT rule and is allowed. I can also see the packet that the firewall sends to the bridge group after the NAT rule.
The packet disappears after this - I don't see it on the machine. Verified the machine has no firewall.
The following parameters are set as below:
net.link.bridge.pfil_member is set to 0
net.link.bridge.pfil_bridge is set to 1
P.S. - I am running this on a bare-metal box (no VMware)
« Last Edit: June 18, 2019, 04:27:41 pm by ab5g »
DIY Tech >>
www.zero-ping.blog
bartjsmit
« Reply #1 on: June 17, 2019, 01:13:33 pm »
Your title is a bit confusing; port forward is layer 3 and a bridge is layer 2.
Reduce your problem. Remove the bridge and configure port forwarding for your internal host using this guide:
https://forum.opnsense.org/index.php?topic=8783.0
When that works, add the bridge to the mix and see if that breaks it.
Bart...
ab5g
« Reply #2 on: June 17, 2019, 02:28:18 pm »
Sorry if the title is confusing.
I had it set up minus the bridge and the port forward worked perfectly (thanks to the awesome documentation here).
The bridge is breaking it. I had set it up using this guide
https://wiki.opnsense.org/manual/how-tos/lan_bridge.html
The bridge is working correctly: I get DHCP to the devices, and the devices can talk to each other on layer 2 even when they are connected to two different physical ports.
So I'm missing something, perhaps a filter??
Thanks for the help
ab5g
« Reply #3 on: June 18, 2019, 04:26:47 pm »
Well, I found the answer. The bridge was working fine. Apparently the system in question was an OS X machine and I recently installed the macserver app on it. For some reason the app was blocking the packets. All good now.