Port Forwarding Not Working

Started by Jims-Garage, March 12, 2025, 01:33:45 PM

Previous topic - Next topic
Print
Go Down Pages1 2
User actions
March 12, 2025, 01:33:45 PM
Since upgrading from 24.7 to anything 25.1.x port forwarding does not work (currently on 25.1.3).

I literally upgraded through the GUI, I have not changed any settings within the firewall. All other functions appear to work normally but port forwarding does not.

I do not see any drops in the logs, I have deleted and recreated all NAT and firewall rules to no avail.

Does anyone have a solution, I'd really like to avoid a clean install.
March 12, 2025, 03:02:17 PM #1
Same here...
I haven't change anything. Just updated from 24.7.12 to 25.1.3

Just 1 port and 1 rule - but I can't ping my device.
March 12, 2025, 03:21:05 PM #2
Mmh... After i called up the liveview of the firewall, the ping suddenly went through... now it works.
March 12, 2025, 03:26:13 PM #3
You have a HTTP rule and complain about pinging ? There's no relation between the live view and things passing through the FW.

Plus, you've hijacked Jim's thread. Next time please open your own
March 12, 2025, 03:33:43 PM #4
Quote from: Jims-Garage on March 12, 2025, 01:33:45 PMI'd really like to avoid a clean install.

Unless you're willing to redo your configuration from scratch - and then do a diff between old and new config - what is a clean install supposed to achieve ? The moment you imported the old config and checked for updates - for the rest of the plugins to be installed - you're back to the same place. There's probably a configuration issue somewhere...but that's all I can say based on the information provided.
March 12, 2025, 03:40:34 PM #5
Hey newsense.
I already realize that there is no logical dependency between a Firewall Live View and the ping. Nevertheless, I've been testing around all morning with several restarts etc. and the internal ping to my device went through at the exact moment I opened the Live View.
If I've upset you or Jim, I'm sorry.
March 12, 2025, 03:50:41 PM #6
No worries, it's all good.
March 12, 2025, 04:04:05 PM #7
Quote from: newsense on March 12, 2025, 03:50:41 PMNo worries, it's all good.

Puh! :-)

However, I do not understand this sentence:

Quote from: newsense on March 12, 2025, 03:26:13 PMYou have a HTTP rule and complain about pinging ?

What's wrong? I have a device that I want to reach from outside and have set up this port forwarding for it. Why shouldn't I ping the device as a test? I would appreciate a brief explanation.
March 12, 2025, 04:08:34 PM #8
Quote from: newsense on March 12, 2025, 03:33:43 PM
Quote from: Jims-Garage on March 12, 2025, 01:33:45 PMI'd really like to avoid a clean install.

Unless you're willing to redo your configuration from scratch - and then do a diff between old and new config - what is a clean install supposed to achieve ? The moment you imported the old config and checked for updates - for the rest of the plugins to be installed - you're back to the same place. There's probably a configuration issue somewhere...but that's all I can say based on the information provided.

Thanks for responding. To rule out something that has corrupted during upgrade perhaps?

Either way, I have bitten the bullet and done a reinstall. That went fine, however, after restoring the config it doesn't work as you stated. Therefore there must be a problem with my configuration file, but it was fine in 24.7.

Guess I'll dig out an old config file and see what happens... Do you have any ideas what might have caused this?
March 12, 2025, 04:48:00 PM #9
Urghh, it was my DNS record... DynamicDNS broke during the upgrade so my IP was incorrect. It moved by 1 number so I didn't spot it.

Thanks for responding.
March 12, 2025, 06:39:52 PM #10
Happy to hear you've found the issue.

There were no reports of NAT related issues in the past few weeks, so the only possibilities for corruption would have been an interrupted upgrade - which you would've mentioned or hdd failure...and iirc you're virtualized.
March 12, 2025, 06:43:38 PM #11
Quote from: emmitt on March 12, 2025, 04:04:05 PMHowever, I do not understand this sentence:

Quote from: newsense on March 12, 2025, 03:26:13 PMYou have a HTTP rule and complain about pinging ?

What's wrong? I have a device that I want to reach from outside and have set up this port forwarding for it. Why shouldn't I ping the device as a test? I would appreciate a brief explanation.

It appears you only have the http rule on the WAN, so there's no way for you to ping the server from the outside and get a response.
March 22, 2025, 05:12:04 AM #12
I actually am having the exact same issue. I have been port forwarding for years with opnsense. Now with the latest upgrade 25.1.3. My ports are no longer open with no changes other than the upgrade.
March 23, 2025, 10:12:16 AM #13
Dear all,

I am a longtime opnsense user as well. Since the update to version 25.1.3 my portforwarding does not work any more. I have 2 opnsense firewall machines running in high availabilty mode each running on a virtual machine virtualised by proxmox ve. I cant find anything in the logs so I would be very thankful for any hints on things I can provide or test to help solve the issue.

Thanks in advance.
March 23, 2025, 10:18:58 AM #14
Please show the details of the port forwarding rules that are not working as expected. Diagnosing any problem without that information is hardly possible.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
Print
Go Up Pages1 2
User actions