Port forwarding

[cranky]

So i searched and tried a number of things on these forums, but i still can't get my port fowards to work.
First let me list my settings :

Network Address Translation   
Reflection for port forwards   ✔
Reflection for 1:1   x
Automatic outbound NAT for Reflection   ✔

Outbound :
Hybrid

Forwards are in the screenshot, what am i doing wrong here?


Is this even working, cause as soon as i set these aliasses as forwards, i get an error message (below)
PHP Warning:  implode(): Invalid arguments passed in /usr/local/www/firewall_nat_edit.php on line 216

So it seems the rules are not being loaded cause of the implode error?

[cranky]

So i removed the aliasses and just entered the ports manually.
Ports are still closed/not being forwarded.
Can anyone tell me what im doing wrong?

[Fright]

Hi
Could you please use one rule as an example (eg tcp3074 rule) to describe what you want to achieve, what you did, what is in the logs when you try to connect?

PHP Warning:  implode(): Invalid arguments passed in /usr/local/www/firewall_nat_edit.php on line 216

this is interesting, although it may not be relevant to the problem. don't remember what you specified as a Category for a rule?

[Greelan]

Are the port forward rules set to create associated firewall rules (check Filter rule association in the port forwards)?

[cranky]

Can you elaborate more about this?
It is set to rule, and I see rules being set on wan

[Greelan]

That's what I meant

[cranky]

That's what I meant

Yeah , then it was good, i set it to rule.
So i see rules on WAN, i see them on forward, yet ports are not being forwarded.
Can this be because of the destination being in a vlan? (10.0.1.x = vlan15)

[Greelan]

Won't make a difference. I have several port forwards going to VLANs. Checked firewall on the endpoint of the port forward?

[cranky]

Won't make a difference. I have several port forwards going to VLANs. Checked firewall on the endpoint of the port forward?

I'm ashamed to admit that I haven't checked the firewall on the endpoint, I'm such an idiot, let me check that and report back

[cranky]

Won't make a difference. I have several port forwards going to VLANs. Checked firewall on the endpoint of the port forward?

I'm ashamed to admit that I haven't checked the firewall on the endpoint, I'm such an idiot, let me check that and report back

Checked the endpoint, there is no filtering active, ill investigate further, any other ideas?
I can see the port being hit on the fw, and i see traffic to VLAN15, how is it still closed lol, im lost. (see screenshot)

[cranky]

noone here that can tell me what im doing wrong?
I searched high and low, and can only find the solutions i already applied.
Ports are not being forwarded, endpoint has no fw.

[Greelan]

Can't see anything obviously wrong on the OPNsense side - in fact the firewall logs suggest the problem is elsewhere. For example, maybe there is a binding issue with the services that you are trying to reach on the endpoint? Maybe they are only configured to allow local connections?

[cranky]

The ports are for battle.net (Cod Warzone) , there is no such setting on that service.
If i remove the opensense, the ports are opened.... So its something within opensense i think, i just cant pinpoint it.

[Greelan]

I think you need to share a bit more about your network setup. You've obviously got another router in the mix?

[Fright]

@cranky
looks like port forward works. something with reply (routes, reply-to or some)
I join @Greelan's question about routes and another question: where is the connection checked from?