Crazy me but, can you see the IIS box on port 80 from the LAN? Do you have the IIS box set up to answer on the public IP you are assigning it? Can you ping the box from the outside? I would give the IIS box a private address and use aliases to port forward port 80. I am not sure but I don't think you can BRIDGE your WAN and LAN.
-----Original Message-----
From: Paul Cockings [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 07, 2008 1:02 PM
To: [email protected]
Subject: [pfSense Support] Port 80

Hi Pfsense list,

(first time poster - I'm loving pfsense)

I have followed the updated tutorial for transparent firewall
http://pfsense.trendchiller.com/transparent_firewall.pdf

I've tried with 1.2-BETA-2 and 1.2-RC3, it all just about makes sense except I cannot get port 80 to open up.

I'd like to open up port 80 to a windows IIS6 machine

Here's the test rig: (yes real ip addresses!)

My Location = external to all this on another connection
ADSL MODEM (transparent dumb box) 78.32.32.9
pfsense WAN 78.32.32.10/29
pfsense Gateway: 78.32.32.9
pfsense LAN 192.168.1.1 + BRIDGE with WAN
webGUI Port: 10443
webGUI protocol: HTTPS
Enable filtering bridge = on
Disable webGUI anti-lock out = on
Block private networks = on (tried off, no change)
Disable userland ftp proxy = on
NAT Outbound = Manual
NAT Outbound Rule = No nat (NOT)

Windows Box does not have windows firewall switched on = absolutely confirmed.
IIS is on port 80
RDP port 3389
windows ip address: 78.32.32.14
windows subnet: 255.255.255.248
windows gateway: 78.32.32.9

LAN RULE = Allow anything out (this is just a testing box)

If I create a WAN RULE
TCP - Any Source - Any port - dest 78.32.32.14 - dest port TCP 3389 - gateway any
Then I can RDP into the box, I have logging switched on and I see the entry in the firewall log

If I create a WAN RULE
TCP - Any Source - Any port - dest 78.32.32.14 - dest port TCP 80 - gateway any
Then I cannot see the IIS test page from my browser, logging is switched on, but I never see an entry in the firewall log

If I delete the rules, and try
http://78.32.32.14:3389 - I see firewall logs
http://78.32.32.14:4000 - I see firewall logs
http://78.32.32.14:80 - I see no firewall logs

'netstat -an' confirms that nothing appears to be using port 80

If I try a packet capture for 78.32.32.14:80 - I see nothing

It appears to me that the traffic could be being dropped before being evaluated by the firewall rules?

What's going on?

Any help, guidance, direction, or request for more info would be greatly appreciated.
I hope I give enough information.

Kind Regards,
Paul

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
