So i change the Rules to be: Proto | Source | Port | Destination | Port | Gateway | Schedule | Description ------+------------+-----------+-------------+-----------+---------+----------+------------ TCP |* | 1025 | 192.168.1.3 | 80 (HTTP) | * | | NAT
And my NAT rules are: If | Proto | Ext. port range | NAT IP | Int. port range | Description ----+-------+-----------------+--------------------------+-----------------+------------ WAN | TCP | 1025 | 192.168.1.3(ext.: any) | 80 (HTTP) And I'm still not able to connect from outside to my internal web server (I'm suing different ISP to test this BTW) On Fri, 2008-09-05 at 00:02 -0400, Chris Buechler wrote: > On Thu, Sep 4, 2008 at 11:58 PM, JarekVB <[EMAIL PROTECTED]> wrote: > > Hello List. > > > > Here is my situation. I have been using pfSense for the last year and > > didn't have any problems till about 2 months ago. > > I change a job and decided that I needed to renew my IP to make sure > > that my co-worker does not get in to my computer. > > > > After the renew (and several re-installs) I'm not able to connect to my > > computer using VNC or in fact not even connect to my Web Server that i > > setup. > > > > In the NAT settings I have > > Port Forward Tab: > > > > If | Proto | Ext. port range | NAT IP | Int. port > > range | Description > > ----+-------+-----------------+--------------------------+-----------------+------------ > > WAN | TCP | 80 (HTTP) | 192.168.1.3(ext.: any) | 80 (HTTP) > > | > > > > My Rules WAS tab: > > > > Proto | Source | Port | Destination | Port | Gateway | > > Schedule | Description > > ------+------------+-----------+-------------+-----------+---------+----------+------------ > > TCP |WAN address | 80 (HTTP) | 192.168.1.3 | 80 (HTTP) | * | > > | NAT > > > > This means that only traffic sourced from your WAN IP address using > source port 80 can access the port forward. Source IP is going to be > the public IP you're coming from on the Internet, not your WAN IP. > Source port is going to be in the ephemeral port range, 1024-65535. > > Fix the firewall rule and it'll work. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
