Cannot reach local resources from outside of my LAN on IPv4 nor IPv6

Started by opnserious, August 05, 2024, 08:08:37 PM

Dear OPNsense community,

For some reason I cannot access internal resources with port forwarding over IPv4 outside of my LAN (using my mobile phone's cellular network for instance).

However, internally I can reach my resources from a domain name that I have registered at a domain registrar (Porkbun in my case) both on IPv4 and IPv6. As an example, to test if I can reach internal resources, I created a simple Apache web server VM on Proxmox that listens on port 80 for IPv4.

1. Create Apache VM (10.99.0.101) on Proxmox that listens on port 80 for both IPv4 and IPv6
2. Go to domain registrar and set my DNS settings example.com -> 88.89.89.2 (public IP on WAN interface)
3. Go to OPNsense > Firewall > NAT > Port Forward and create two entries for HTTP and HTTPS.

Interface: WAN
TCP/IP Version: IPv4
Protocol: TCP
Destination: WAN address
Destination port range: HTTP to HTTP
Redirect Target IP: Single host network (10.99.0.101, IP address of Apache VM)
Redirect Target port: HTTP
Pool options: default
NAT reflection: Use system default
Filter rule association: Rule

The HTTPS entry is just a copy of the HTTP one with HTTPS. Next to that, I attached my Firewall WAN settings. Finally, I also selected the following inside Firewall > Settings > Advanced:

Reflection for port forwards: Enabled
Reflection for 1:1: Disabled
Automatic outbound NAT for Reflection: Enabled

Hopefully someone can help me here, since right now I cannot reach any internal resource from outside my network.

Cheers :) :)
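
An added example, not part of the original post: a probe that reports, separately for IPv4 and IPv6, whether the hostname resolves and whether each forwarded port connects, is refused, or times out. The hostname and ports are the post's example values; the function names are hypothetical.

```python
import errno
import socket

# Assumed values: hostname and ports are the post's examples; all names are hypothetical.
HOST = "example.com"
PORTS = (80, 443)
FAMILIES = {"IPv4": socket.AF_INET, "IPv6": socket.AF_INET6}


def probe(addr, port, family, timeout=3.0):
    """Classify one TCP connection attempt to addr:port."""
    try:
        with socket.socket(family, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            s.connect((addr, port))
        return "open"        # handshake completed end to end
    except socket.timeout:
        return "timeout"     # no reply at all: dropped somewhere on the path
    except ConnectionRefusedError:
        return "refused"     # reset received: a host or firewall rejected it
    except OSError as exc:
        return "error:" + errno.errorcode.get(exc.errno, str(exc.errno))


def resolve(host, family):
    """Return the sorted addresses DNS gives for host in one address family."""
    try:
        infos = socket.getaddrinfo(host, None, family, socket.SOCK_STREAM)
    except socket.gaierror:
        return []            # no A (IPv4) or AAAA (IPv6) record available
    return sorted({info[4][0] for info in infos})


def check(host, ports=PORTS):
    """Map (family, address, port) to a probe result for every resolved address."""
    results = {}
    for name, family in FAMILIES.items():
        addrs = resolve(host, family)
        if not addrs:
            results[(name, None, None)] = "no-dns-record"
        for addr in addrs:
            for port in ports:
                results[(name, addr, port)] = probe(addr, port, family)
    return results


if __name__ == "__main__":
    for key, result in check(HOST).items():
        print(key, result)
```

Run it from a network outside the LAN, such as the cellular connection mentioned in the post, so that NAT reflection plays no part in the result.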