Ports 80/443 - Why can't I get them open

[Giz]

I've searched all thru here and google and can not for the life of me get those 2 ports open for an internal apache server. Confirmed with 2 different port checkers. And YES my ISP is NOT blocking anything, my regular routers all have 80/443 open if req'd.
Config:
OPN 25.7.5
System - Settings - Adninistration: TCP Port 4433 and HTTP redirect checked (Disable WebGui redirect rule)
Nat - Source any/any , Destinaion Host = my external ip, redirect to alias'd server and port 80 (same for 443)
Antilockout rule only shows 22 & 4433

I have other NAT'd services/ports with zero issues

TIA
Giz..
PS: My Brain Hurts

[Patrick M. Hausen]

Filter rule association == Pass?

[Giz]

Filter rule association == Pass?

yup, tried with pass and with auto-gen rule

[Stormscape]

Is Port 80 and 443 open on the webserver itself? Is there a firewall enabled and active?

[Patrick M. Hausen]

Do a packet trace and watch what happens.

[Giz]

Is Port 80 and 443 open on the webserver itself? Is there a firewall enabled and active?

yup and yup, ufw has 22, 80, 443 open

[meyergru]

How did you test that? From your LAN? That says nothing about whether IPs outside of your LAN may access the ports.

Trace the packets coming from outside and see if they leave OpnSense on the LAN side.

[Giz]

Arrgghh! I feel like an idiot, I had a typo in the gateway address of the webserver so opn had nowhere to send it. This can be marked as solved

Thanks everyone for the replies!

Giz..