Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
[Solved]Port forward behind ISP Router
« previous
next »
Print
Pages: [
1
]
Author
Topic: [Solved]Port forward behind ISP Router (Read 3619 times)
Jose
Newbie
Posts: 21
Karma: 8
[Solved]Port forward behind ISP Router
«
on:
June 26, 2018, 07:34:28 pm »
Hi, since I've tried numerous how-to also can't search for solution yet, I decided to starting a new thread in hope someone in the same boat with solution can bring some light.
I'm having a very hard time trying to get a simple web server to be accessible outside my network(for testing purposes) through No-IP/Port forward, I will post brief setup of my current network in hope to get some advice if I am doing something wrong on my end, before I consider to call my ISP in which is very slow wen it comes to customer support unfortunately.
Lets start with my setup and what I'm trying to accomplish for reference, my setup is as follow:
ISP/Locked Router/DHCP WiFi/AP/Bridge Switch/Unmanaged Wired
[Ubiquiti Wireless Radio]----->[OPNsense 18.1.10]----->[Netis WF2419]----->[ PowerConnect 2808]----->[Clients]
HERE
is an image of the above network setup/diagram.
My Web server in question is a simple Apache server running on my FreeBSD file server and currently accessible locally with the IP: 192.168.1.xxx:8080, OPNsense is handling all the Unbound DNS, DHCP and DDNS with my No-IP account, the DynDNS plugin is currently working and cached my outside WAN IP address and is reflected in the No-IP website as expected, now the odds are coming.
I configured port forwarding for the Apache IP/port as follows:
<Source>
[IF=WAN]--[Proto=TCP]--[Address=*]--[Ports=*]
<Destination>
[Address=LAN Address]--[Ports=*]
<NAT>
[NAT=192.168.1.xxx]--[Ports=8080]
My DNS Servers are as follow:
#1: 208.67.222.222
#2: 208.67.220.220
#3: 192.168.1.1
Allow DNS server list to be overridden = Unchecked
Do not use the DNS Forwarder/Resolver = Unchecked
A further test I performed under Windows "nslookup" returned also the following:
>
myhostname.ddns.net
Server: opnsense.localdomain
Address: 192.168.1.1
Non-authoritative answer:
Name: myhostname.ddns.net
Address: 104.238.xxx.xxx (WAN IP)
>
Overall with this setup, I can access my specified "myhostname.ddns.net" and I'm redirected to external WAN which is working fine, but the port forward is not redirecting to internal Apache target IP/port for some reasons, in either default port 80 nor with 8080 etc, additionally every port tester I've used say Port not open and others say Connection refused.
I really apologize for my rather messy post and I hope to get some advice from experienced OPNsense users regarding port forward behind a locked ISP router, oh and really sorry for my English.
Regards
«
Last Edit: July 07, 2018, 03:08:12 pm by Jose
»
Logged
Jose
Newbie
Posts: 21
Karma: 8
Re: Port forward behind ISP Router
«
Reply #1 on:
June 27, 2018, 10:20:23 am »
Hello, again I'm really sorry for this rather repetitive and messy type of post, however since
I'm in this same boat
unfortunately, and cannot access my ISP Router/NAT, I just give up on it, and will try alternate solutions like in the previously posted link above, since switching from ISP is not an option by the moment.
Regards
Logged
Jose
Newbie
Posts: 21
Karma: 8
Re: Port forward behind ISP Router
«
Reply #2 on:
June 27, 2018, 04:23:18 pm »
I think I found a quick working solution to workaround this Locked ISP/Carrier Grade NAT issues, is a no install required service called
Serveo
, an SSH server remote port forwarding, while may not fit every solution, home/soho can benefit from it I think.
I just created a script to fit my needs with a heartbeat loop to auto reconnect upon remote host possible disconnections/target machine availability, and is working great so far from OPNsense appliance itself since its 24/7.
Maybe a very simple plugin supporting this and similar services could be useful, will take a look into it by the way.
Regards
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
[Solved]Port forward behind ISP Router