[SOLVED] OPNsense in VM cannot portforward webserver on VM-host through router

Started by boogieman, February 22, 2017, 09:11:42 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
February 22, 2017, 09:11:42 PM Last Edit: February 23, 2017, 01:09:09 PM by boogieman
Hi guys,

I have already posted this in the German forum, but I hope that I can reach even more people here:

I have spent hours and hours with trial, error and research, but to no avail.

My AV-FritzBox router (192.168.0.251) serves as gateway for my OPNsense VM (Virtualbox).
OPNsense has WAN-IP 192.168.0.5 (static) and LAN-IP 192.168.1.1 (static).
I have opened port 80 WAN-IP 192.168.0.5 in my router.
Portforwarding the webinterface of OPNsense (just for testing purposes!) through IP 127.0.0.1 or 192.168.0.5 or  192.168.1.1 on my router is working just fine.
But I cannot seem to get my webserver (which is also the host of the OPNsense VM!) with IP 192.168.0.101 eth0 and 192.168.1.101 ens3 to portforward port 80, 443 and 21 through my router.

What am I missing here?

Any hint is very much appreciated!

Thanks in advance
Boogieman

(German thread: https://forum.opnsense.org/index.php?topic=4610.0)
February 22, 2017, 09:46:11 PM #1
have you setup port forwards under Firewall>NAT>Port Forward?

The screenshots you posted are just firewall rules.
February 22, 2017, 09:53:54 PM #2
Hello djGrrr, thanks for the quick reply.
Yes, I did. The first picture named "opn.PNG" actually shows an excerpt of the page "Firewall: NAT: Port Forward".
February 23, 2017, 02:08:23 AM #3
Ahh sorry, somehow I missed the "NAT" in the heading :S

As for the port forwards, try setting all 3 of the WAN rules to use "WAN address" as the destination address, you generally do not want anything but WAN address as destination for incoming WAN port forwards.

Also, you must turn off the "Block private networks" option in your WAN interface config, because your WAN is on a private network.
February 23, 2017, 07:47:50 AM #4
The three different networks (any, WAN net and WAN address) should show you that I have tried all three options.
I have set them to WAN address, which I had done before.
I also disabled the block private networks rule, which I had also done before - but I wasn't sure if Imhad tried it in combination with my recent settings. 😄
Unfortunately it still does not work.
February 23, 2017, 01:08:53 PM #5
SOLVED:
I had to make some adjustments in Apache.
After rebooting the server, everything worked fine!
Print
Go Up Pages1
User actions