problems with Firewall: NAT: Port Forward and VLAN Over VM

Started by Moty_p, January 16, 2023, 11:05:46 PM

Hi all... new here.... :)
I have a problem with port forwarding in the NAT firewall rules.
All the configuration is correct.

I have an IIS server in my network and I have added a rule in the firewall.
I have added the following rule in Firewall: NAT: Port Forward:
Interface: wan
TCP/IP Version: ipv4
Protocol: tcp
Destination: wan address
Destination port range: from: http to: http
Redirect target IP: 10.0.0.2
Redirect target port: http
NAT reflection: enable
Filter rule association: rule iis 80

And I have also added the following rule in Firewall: Rules: WAN:
Protocol:  IPv4 TCP
Destination: 10.0.0.2
Description:  iis 80

As you can see, the config is correct, and in the beginning it really worked,
so you could go to my webpage via DDNS\IP.
But now I have changed my ISP,
so I needed to set up a new PPPoE dial-up connection.
So I added a new device under Point-to-Point: Devices and changed the WAN interfaces.
I am back online ;)

Since then the port forward has stopped working and I cannot access my website  :'(
I have tried removing the rule from Firewall: NAT: Port Forward
and adding it again, but that did not solve the problem,
so I don't know what more I need to do....  :'( I have called my ISP to see if there is a block on their side, but they said no.

I also have problems with VLAN over a VM.
I have set up and configured VLAN1:
Enable Interface on
dhcp on
All the configuration is correct and yet it does not work!
So I installed OPNsense on my laptop on another SSD and the VLAN works there, so
why does it not work when it is on a VM? (Running Hyper-V)

Please help me, TY



my machine:
1) physical brand computer
    I3-4130 CPU @ 3.40GHz (2 cores, 4 threads)
    8GB Ram
    120GB SSD
    3X1GB Nic

Run: captiveportal, ClamAV Daemon, Insight Aggregator, Intrusion Detection, OpenVPN server, ACME client, zenarmor.

It could be that your new ISP uses CGNAT https://en.wikipedia.org/wiki/Carrier-grade_NAT

Browse to https://ifconfig.co and see if the public IP matches that on your firewall.

If you do suffer from CGNAT, you may need to think about alternatives. I've used Cloudflare tunnels in similar situations: https://github.com/cloudflare/cloudflared

Bart...
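
Added example, not part of the thread: a small Python check that automates the comparison suggested in the reply above. It takes the IPv4 address shown on the firewall's WAN (PPPoE) interface and the address a service such as ifconfig.co reports, both supplied by hand. The function name, result labels and sample addresses are constructed for illustration.

```python
import ipaddress

# RFC 6598 shared address space, used by ISPs for carrier-grade NAT.
CGNAT_NET = ipaddress.ip_network("100.64.0.0/10")
# RFC 1918 private ranges: the WAN sits behind another NAT device (e.g. an ISP modem).
PRIVATE_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Hypothetical result labels mapped to what they mean for a WAN port forward.
ADVICE = {
    "cgnat": "WAN address is in 100.64.0.0/10: the ISP uses CGNAT, inbound forwards cannot work.",
    "private-upstream-nat": "WAN address is private: an upstream device must forward the port too.",
    "mismatch": "WAN address is public but differs from the observed one: traffic is translated upstream.",
    "direct": "WAN address matches the observed public address: look at the firewall rules instead.",
}


def diagnose_wan(wan_ip: str, observed_public_ip: str) -> str:
    """Classify the firewall's WAN address against the address seen from outside."""
    wan = ipaddress.IPv4Address(wan_ip)            # raises ValueError on bad input
    seen = ipaddress.IPv4Address(observed_public_ip)
    if wan in CGNAT_NET:
        return "cgnat"
    if any(wan in net for net in PRIVATE_NETS):
        return "private-upstream-nat"
    if wan != seen:
        return "mismatch"
    return "direct"


if __name__ == "__main__":
    # Constructed sample pairs: (WAN interface address, address reported by ifconfig.co).
    samples = [
        ("100.72.15.4", "203.0.113.10"),
        ("192.168.1.2", "203.0.113.10"),
        ("198.51.100.7", "203.0.113.10"),
        ("203.0.113.10", "203.0.113.10"),
    ]
    for wan, seen in samples:
        result = diagnose_wan(wan, seen)
        print(f"{wan:15} vs {seen:15} -> {result}: {ADVICE[result]}")
```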

I opened an account and changed the settings in Dynamic DNS to Cloudflare, but what now?


 Disable web GUI redirect rule is on and active