Problem with NAT and Rule

Started by arnodu59, October 30, 2024, 04:14:27 PM

Hello everyone,

Looking around, I see that the subject has come up several times, but after trying everything I've read on the forum, I can't get port forwarding to work...

I would like OPNsense to forward port 8123 to a local IP...
I've created a WAN rule and configured NAT.

In the firewall logs I can see the authorization, but my local server doesn't respond... (no problem from the local network)

Here is the firewall log:
https://ibb.co/fk45vM8

The NAT setting:
https://ibb.co/4mbR7ns

The WAN rule:
https://ibb.co/z4S9Lr5

And finally the advanced firewall settings:
https://ibb.co/n78VGsq

Do you know where I made a mistake?

Thanks in advance for your help :)

Possibly the server blocks access by its own firewall?
This is the default behavior normally, if you didn't explicitly allow access from outside of its subnet.

Hello,

No, the local server authorizes the connection (before OPNsense, my router redirected the ports and there was no problem).

Quote from: arnodu59 on October 30, 2024, 04:52:56 PM
(before OPNsense, my router redirected the ports and there was no problem).
And it did masquerading on inbound traffic, as some consumer-class routers do...

Sniff the traffic on the internal interface to see if the packets are forwarded or not.
If there are no replies, configure your server properly.

There's an unneeded extra rule on the WAN interface, but I don't think it'd break the port forwarding, so I'm also leaning towards something on the internal server side. Maybe a host-based firewall? Or lack of a default route (but that would probably break other things in HA).

That's right!

The problem was indeed server-side. I had misconfigured the gateway :-/

Thank you all for your help :)
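
The check suggested in the replies above (capture on the internal interface, then see whether the forwarded packets arrive and whether the server answers), as an added example that is not part of the original thread. It classifies `tcpdump -n` text output; the addresses 203.0.113.7 and 192.168.1.50 and the sample lines are constructed, and port 8123 is the one from the question.

```python
import re

# tcpdump -n text line: "<time> IP <src>.<sport> > <dst>.<dport>: Flags [<flags>], ..."
LINE = re.compile(
    r"IP (\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+): Flags \[([^\]]*)\]"
)

# Constructed sample: SYNs reach the server and are retransmitted, never answered.
SAMPLE_NO_REPLY = """\
16:20:01.100000 IP 203.0.113.7.51514 > 192.168.1.50.8123: Flags [S], seq 1000, win 64240, length 0
16:20:02.100000 IP 203.0.113.7.51514 > 192.168.1.50.8123: Flags [S], seq 1000, win 64240, length 0
16:20:04.100000 IP 203.0.113.7.51514 > 192.168.1.50.8123: Flags [S], seq 1000, win 64240, length 0
"""


def diagnose(capture, server_ip, port):
    """Classify a LAN-side capture of a port forward to server_ip:port."""
    syn = synack = rst = 0
    for line in capture.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # ARP, UDP, or anything that is not a TCP summary line
        src, sport, dst, dport, flags = m.groups()
        to_server = dst == server_ip and int(dport) == port
        from_server = src == server_ip and int(sport) == port
        if to_server and flags == "S":
            syn += 1  # forwarded connection attempt (or its retransmit)
        elif from_server and flags == "S.":
            synack += 1  # server accepted and the reply is on the wire
        elif from_server and "R" in flags:
            rst += 1  # server actively refused
    if syn == 0:
        return "not forwarded: check the NAT port forward and the WAN rule"
    if synack:
        return "forwarded and answered: the handshake leaves the server"
    if rst:
        return "forwarded but refused: nothing listening or host firewall rejects"
    return "forwarded, no reply: check host firewall and the server's default gateway"


if __name__ == "__main__":
    print(diagnose(SAMPLE_NO_REPLY, "192.168.1.50", 8123))
```
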