Open ports on network interfaces

Started by Robertomcat, June 11, 2025, 07:10:11 PM

Hello, good afternoon. Currently, my router has three different interfaces for different work areas. I'm trying to open a specific port for the network called "NPL" from the Firewall>NAT>Port Forwarding section, but I'm not configuring some of them correctly, and I can't access it from the outside. Could any of you help me? Here are some screenshots.

I'm using the most up-to-date version of OPNsense 25.1.7_4


Change the from ports "rango de puertos destino" from 55432 to 55432 TO any to any UNLESS you know the requests will come from those ports.

Quote from: cookiemonster on June 11, 2025, 11:15:04 PM
Change the from ports "rango de puertos destino"
I assume, this is the destination port. So it might be desired to be specific.
The source port might be hidden behind Orígen in his GUI.

@Robertomcat
I assume, you have filter rule association enabled in the NAT rule.

But does your backend server even allow access from outside?
You can sniff the traffic in the server side interface using the packet capture tool, to see if the traffic is forwarded and if the server responds.

Quote from: viragomann on June 11, 2025, 11:45:07 PM
Quote from: cookiemonster on June 11, 2025, 11:15:04 PM
Change the from ports "rango de puertos destino"
I assume, this is the destination port. So it might be desired to be specific.
The source port might be hidden behind Orígen in his GUI.

@Robertomcat
I assume, you have filter rule association enabled in the NAT rule.

But does your backend server even allow access from outside?
You can sniff the traffic in the server side interface using the packet capture tool, to see if the traffic is forwarded and if the server responds.

Thanks for your responses.
I've been using OPNsense for a while, but it turns out I had the server installed in a different location on an Edge router, and now I can't open the ports.

In this case, it's a basic port rule for P2P traffic. Regarding the filter rule association, the box automatically says "rule Qbittorrent," which is the name of the description I gave it. I'm also not sure if what I'm doing by using the same external and internal port is very secure.

Could some firewall rule be preventing the ports from being opened? Currently, within this same network, there are eight computers that I've specified cannot access the router's management IP address, another so they cannot access the main home LAN, and finally, I've specified that the IP address 192.168.10.55 can access the main home LAN.

In case you are unfamiliar and the GUI being in a different language makes it a little hard to help quickly, the port forwarding rules usually have any source ports because the outside calling port is usually unknown. The destination port is what you want to forward to, so that one is defined.
That's what we're both hinting at.
If it was working before it should work now, assuming that when you say "different location" you mean different physical but still the same network setup in which case it might only be sessions that need re-establishing.

Quote from: Robertomcat on June 11, 2025, 07:10:11 PM
Hello, good afternoon. Currently, my router has three different interfaces for different work areas. I'm trying to open a specific port for the network called "NPL" from the Firewall>NAT>Port Forwarding section, but I'm not configuring some of them correctly, and I can't access it from the outside. Could any of you help me? Here are some screenshots.
I'm using the most up-to-date version of OPNsense 25.1.7_4


Have you tried checking the auto-generated rule in Firewall > Rules for the "NPL" interface after configuring NAT? I had the same error because there was no corresponding firewall rule, even though the port forwarding was correct.

Quote from: cookiemonster on June 12, 2025, 02:59:16 PM
In case you are unfamiliar and the GUI being in a different language makes it a little hard to help quickly, the port forwarding rules usually have any source ports because the outside calling port is usually unknown. The destination port is what you want to forward to, so that one is defined.
That's what we're both hinting at.
If it was working before it should work now, assuming that when you say "different location" you mean different physical but still the same network setup in which case it might only be sessions that need re-establishing.

I've tried changing the language of the graphical interface to make it easier to read, but it still appears in Spanish, even after restarting the firewall.
Regarding the different location, I mean the server was in a different location and another Ubiquiti router, on which the ports were also open.

Quote from: Trannie on June 12, 2025, 03:07:04 PM
Quote from: Robertomcat on June 11, 2025, 07:10:11 PM
Hello, good afternoon. Currently, my router has three different interfaces for different work areas. I'm trying to open a specific port for the network called "NPL" from the Firewall>NAT>Port Forwarding section, but I'm not configuring some of them correctly, and I can't access it from the outside. Could any of you help me? Here are some screenshots.
I'm using the most up-to-date version of OPNsense 25.1.7_4

Have you tried checking the auto-generated rule in Firewall > Rules for the "NPL" interface after configuring NAT? I had the same error because there was no corresponding firewall rule, even though the port forwarding was correct.
Yes, the rules appear created in the WAN section in the firewall.

Looks like it should be working. The NAT port forward looks right and you've confirmed there is an associated pass rule (which should be on the WAN).
Next is to show screenshots of all the rules then, both NAT and the interfaces.

June 13, 2025, 10:27:23 AM #8 Last Edit: June 13, 2025, 07:17:47 PM by Robertomcat
Quote from: cookiemonster on June 12, 2025, 11:22:02 PM
Looks like it should be working. The NAT port forward looks right and you've confirmed there is an associated pass rule (which should be on the WAN).
Next is to show screenshots of all the rules then, both NAT and the interfaces.
I'm leaving some screenshots to see if they can help you, although I haven't been able to change the interface language. Thanks.


Can't see them but thanks. I can't get to linked hosting sites. Can you re-add them to this thread? We need to see them all, that is to say the WAN and LAN but we need to see the NATs too. I can't tell, sorry if you have included them.

This is the missing screenshot, as it exceeded the limit in the previous post. Sorry.

Quote from: cookiemonster on June 13, 2025, 07:11:02 PM
Can't see them but thanks. I can't get to linked hosting sites. Can you re-add them to this thread? We need to see them all, that is to say the WAN and LAN but we need to see the NATs too. I can't tell, sorry if you have included them.
I just uploaded all the screenshots, and now you can see them. Thanks.

Thanks - those attachments are very small, you're killing my eyes! :)
Can you show the Rules on WAN please, those are the linked ones from the port forwards that we need to check.

Quote from: cookiemonster on June 13, 2025, 11:56:34 PM
Thanks - those attachments are very small, you're killing my eyes! :)
Can you show the Rules on WAN please, those are the linked ones from the port forwards that we need to check.
Hello, good morning. It's probably because I open the screenshots from a 4K monitor and they look fine, but they may appear smaller on other computers. Sorry. I'm attaching the screenshot of the WAN rules.

All seems as it should.
As viragomann said, see in the live logs of the firewall that they are blocked or allowed. Then be sure the receiving server is not blocking the traffic.
Last resort is to recreate the NAT rule, and to verify in Firewall: Settings: Advanced that you have automatic reflection for port forwards (which I think you have).
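
The capture check suggested in this thread (sniff on the server-side interface, see whether the traffic is forwarded and whether the server responds) can be read off mechanically. The following is an added example, not part of any post above: it classifies `tcpdump -nn` text output for the forwarded port 55432. The server address 192.168.10.20, the client address and the sample capture lines are constructed, and only TCP is considered.

```python
import re

# Default text output of `tcpdump -nn` for IPv4 TCP packets.
LINE = re.compile(
    r"IP (?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\d+) > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\d+): Flags \[(?P<flags>[^\]]+)\]"
)

MEANING = {
    "not_forwarded": "no SYN reached this interface: check the NAT rule, "
                     "the linked WAN pass rule and any upstream filtering",
    "no_reply": "SYN forwarded but server silent: host firewall dropping it, "
                "or the server's default gateway is not this firewall",
    "refused": "server answered with RST: nothing is listening on the port",
    "working": "server answered SYN-ACK: the forward itself is fine",
}

def diagnose(capture_text, server_ip, port):
    """Classify a capture taken on the firewall's server-side interface."""
    syn_in = syn_ack = rst = 0
    for line in capture_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # non-TCP or unparsable line
        flags = m["flags"]
        to_server = m["dst"] == server_ip and int(m["dport"]) == port
        from_server = m["src"] == server_ip and int(m["sport"]) == port
        if to_server and flags == "S":
            syn_in += 1
        elif from_server and flags == "S.":
            syn_ack += 1
        elif from_server and "R" in flags:
            rst += 1
    if syn_in == 0:
        return "not_forwarded"
    if syn_ack:
        return "working"
    return "refused" if rst else "no_reply"

# Constructed sample captures (assumed server 192.168.10.20, client 203.0.113.7).
SYN = "10:00:01.000 IP 203.0.113.7.51514 > 192.168.10.20.55432: Flags [S], seq 1, length 0\n"
SILENT = SYN + SYN.replace("10:00:01", "10:00:02")  # retransmitted SYN, no answer
ANSWERED = SYN + "10:00:01.001 IP 192.168.10.20.55432 > 203.0.113.7.51514: Flags [S.], seq 9, ack 2, length 0\n"
REFUSED = SYN + "10:00:01.001 IP 192.168.10.20.55432 > 203.0.113.7.51514: Flags [R.], seq 0, ack 2, length 0\n"

if __name__ == "__main__":
    for name, cap in [("silent", SILENT), ("answered", ANSWERED), ("refused", REFUSED), ("empty", "")]:
        verdict = diagnose(cap, "192.168.10.20", 55432)
        print(f"{name}: {verdict} ({MEANING[verdict]})")
```
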