Hello there,
I'm having a strange issue where port forwarding just doesn't work.
I've gone over my config a dozen times, but I just can't see where the
culprit is.
Setup is as follows:
VMware host with two NICs (both E1000), each bonded to its own
physical NIC on the server.
WAN: xxx.xxx.xxx.187/29 - gateway: xxx.xxx.xxx.185
LAN: 10.58.48.250/16 - gateway: 10.58.48.1
I've added an allow ICMP on WAN, and I've verified the following:
* PING from the outside works
* pfSense can ping external hosts on WAN, as well as hosts on LAN
Here is a packet capture with medium detail, trying to establish a
connection on port 80 with an active port forward configured on the
pfSense.
11:49:38.315771 IP (tos 0x0, ttl 121, id 20052, offset 0, flags [none], proto TCP (6), length 52)
    xx.xxx.157.15.62546 > yyy.yyy.yyy.187.80: Flags [S], cksum 0x3ab8 (correct), seq 800729292, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
11:49:38.315826 IP (tos 0x0, ttl 121, id 20053, offset 0, flags [none], proto TCP (6), length 52)
    xx.xxx.157.15.59845 > yyy.yyy.yyy.187.80: Flags [S], cksum 0xd415 (correct), seq 1832148097, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
11:49:38.558729 IP (tos 0x0, ttl 121, id 20064, offset 0, flags [none], proto TCP (6), length 52)
    xx.xxx.157.15.53359 > yyy.yyy.yyy.187.80: Flags [S], cksum 0xe901 (correct), seq 3693933042, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
As I can see from the packet capture, the only traffic I see is
between the external host and the WAN IP, no traffic is being passed
to the internal host on the LAN segment.
This is my port forward rule:
WAN TCP * * WAN address 80 (HTTP) 10.58.48.57 80 (HTTP)
Of course, running 2.1.3, the associated firewall rule has been added
and linked.
I just can't see where I'm going wrong, and why this doesn't work. Any
suggestions or anything either of you can see wrong?
--
Yours sincerely Jostein Elvaker Haande
"A free society is a place where it is safe to be unpopular"
- Adlai Stevenson
http://tolecnal.net -- tolecnal at tolecnal dot net
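
Added example, not part of the original message: a small Python check that reads tcpdump text and reports, for each inbound SYN to the WAN address, whether a translated copy towards the forward target and a SYN-ACK were also captured. The function name classify_flows, the documentation addresses and the idea of merging a WAN-side and a LAN-side capture into one text are assumptions made for this illustration.

```python
import re

# Address/flags part of a tcpdump TCP line: "src.port > dst.port: Flags [S]"
PKT = re.compile(
    r"(\d+(?:\.\d+){3})\.(\d+) > (\d+(?:\.\d+){3})\.(\d+): Flags \[([^\]]+)\]")

def classify_flows(capture, wan_ip, target_ip, port=80):
    """Label every client (ip, port) that sent a SYN to wan_ip:port.

    answered           - a SYN-ACK from port `port` came back to the client
    forwarded-no-reply - translated SYN seen towards target_ip, no SYN-ACK
    not-forwarded      - SYN seen on the WAN address only
    """
    syns, forwarded, answered = [], set(), set()
    for src, sport, dst, dport, flags in PKT.findall(capture):
        sport, dport = int(sport), int(dport)
        if flags == "S" and dport == port:
            if dst == wan_ip and (src, sport) not in syns:
                syns.append((src, sport))
            elif dst == target_ip:
                forwarded.add((src, sport))  # same client tuple after the rdr
        elif flags == "S." and sport == port and src in (wan_ip, target_ip):
            answered.add((dst, dport))
    result = {}
    for flow in syns:
        if flow in answered:
            result[flow] = "answered"
        elif flow in forwarded:
            result[flow] = "forwarded-no-reply"
        else:
            result[flow] = "not-forwarded"
    return result

# Constructed sample: WAN-side and LAN-side tcpdump lines merged into one
# text, using documentation addresses (not the poster's capture).
SAMPLE = """\
11:49:38.315771 IP 198.51.100.15.62546 > 203.0.113.187.80: Flags [S], seq 1, win 8192, length 0
11:49:38.315826 IP 198.51.100.15.59845 > 203.0.113.187.80: Flags [S], seq 2, win 8192, length 0
11:49:38.315901 IP 198.51.100.15.59845 > 10.58.48.57.80: Flags [S], seq 2, win 8192, length 0
11:49:38.558729 IP 198.51.100.15.53359 > 203.0.113.187.80: Flags [S], seq 3, win 8192, length 0
11:49:38.558790 IP 198.51.100.15.53359 > 10.58.48.57.80: Flags [S], seq 3, win 8192, length 0
11:49:38.559102 IP 10.58.48.57.80 > 198.51.100.15.53359: Flags [S.], seq 9, ack 4, win 8192, length 0
"""

if __name__ == "__main__":
    for flow, state in classify_flows(SAMPLE, "203.0.113.187", "10.58.48.57").items():
        print(flow, state)
```

A flow reported as not-forwarded matches the situation in the message above: the SYN arrives on WAN and nothing follows it on the LAN side.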