Hi Pfsense list, (first time poster - I'm loving pfsense)

I have followed the updated tutorial for transparent firewall http://pfsense.trendchiller.com/transparent_firewall.pdf

I've tried with 1.2-BETA-2 and 1.2-RC3. It all just about makes sense, except I cannot get port 80 to open up. I'd like to open up port 80 to a Windows IIS6 machine.

Here's the test rig (yes, real IP addresses!):

My Location = external to all this on another connection

ADSL MODEM (transparent dumb box) 78.32.32.9
pfsense WAN 78.32.32.10/29
pfsense Gateway: 78.32.32.9
pfsense LAN 192.168.1.1 + BRIDGE with WAN
webGUI Port: 10443
webGUI protocol: HTTPS
Enable filtering bridge = on
Disable webGUI anti-lock out = on
Block private networks = on (tried off, no change)
Disable userland ftp proxy = on
NAT Outbound = Manual
NAT Outbound Rule = No nat (NOT)

Windows box does not have Windows Firewall switched on = absolutely confirmed.
IIS is on port 80
RDP port 3389
Windows IP address: 78.32.32.14
Windows subnet: 255.255.255.248
Windows gateway: 78.32.32.9


LAN RULE = Allow anything out (this is just a testing box)

If I create a WAN RULE
TCP - Any Source - Any port - dest 78.32.32.14 - dest port TCP 3389 - gateway any
then I can RDP into the box. I have logging switched on and I see the entry in the firewall log.

If I create a WAN RULE
TCP - Any Source - Any port - dest 78.32.32.14 - dest port TCP 80 - gateway any
then I cannot see the IIS test page from my browser. Logging is switched on, but I never see an entry in the firewall log.

If I delete the rules, and try

http://78.32.32.14:3389 - I see firewall logs
http://78.32.32.14:4000 - I see firewall logs
http://78.32.32.14:80 - I see no firewall logs

'netstat -an' confirms that nothing appears to be using port 80.
If I try a packet capture for 78.32.32.14:80, I see nothing.

It appears to me that the traffic could be being dropped before being evaluated by the firewall rules?

What's going on? Any help, guidance, direction, or request for more info would be greatly appreciated. I hope I give enough information.

Kind Regards,
Paul


