Port Forwarding Only Working If Router Is Redirect IP

Started by arrowgant_bowstard, September 11, 2025, 12:30:54 AM

Sorry for the probably simple question. New to OPNsense, coming from a simpler solution and trying to learn.

I have a typical setup with a Static IP from my ISP on a WAN interface, and a LAN interface with two web servers. If I go on the web servers, they can access the internet, no issues for Outbound NAT. But I'm running into issues with Port Forwarding. If I create a couple of port forwards like the ones below, it does not connect from my phone on a separate cell connection, either directly from my static IP or from a domain that points there. The webserver alias in this case is the IP address of one of the servers on the LAN interface (192.168.1.178 in this instance). Same result if I change the alias to the other web server's IP (192.168.1.177), or if I forgo the alias and put the IP addresses in directly.



In my attempt to try to troubleshoot what was going on, I tried to direct it to the LAN interface address of my router (192.168.1.1), and that works. It warns of a redirect attack instead of showing the OPNsense login screen, which makes sense, but it actually connects to the machine.

I'm sure there's a setting somewhere denying the connection, but I'm unsure where to look for it. Any advice is appreciated.

Below are the Firewall rules I currently have, if that helps. They were all generated by OPNsense, except for the ICMP one (pinging was one of my steps to figure it out). Let me know if expanding the ones under the collapse is helpful.




Move the OPNsense UI to a port different from 443 and disable HTTP to HTTPS redirection for the UI if you want to use ports 80 and 443 for your own server(s).
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)

Thank you for the suggestion. I have changed the port for OPNsense's GUI (8080) and disabled redirect. Still unable to connect when forwarding to a server.

Where is the client located from which you are trying to connect? Considering network topology.

The client was on a cell phone on the cellular network for internet.

As a sanity check, I backed up my configuration and reinstalled OPNsense to see if the problem persisted. It did not; the reinstall fixed it. I have not had a chance to compare configurations to see what change was made that caused the issue, but it has been resolved. Thank you for your help!