On Tue, Jul 19, 2011 at 3:00 PM, Chris Brennan <[email protected]> wrote:

> -------- Original Message --------
> Subject: m1n1 device w/ ath wireless
> Date: Fri, 15 Jul 2011 12:49:55 -0400
> From: Chris Brennan <[email protected]>
> To: pfSense Support <[email protected]>
>
> > Greetings!
> >
> > I've got a Netgate m1n1 2D13 Firewall with an Atheros 4G CM9 Wireless
> > card. As far as I can tell, hardware-wise, everything works just
> > fine. The problem is that after my wireless devices associate with
> > the netgate, I am unable to actually go anywhere. I've added a fw
> > rule to blanketly let everything out over wireless and it's bonded
> > with my LAN so all the traffic is on the same subnet. I'm not sure
> > what else I need to/should have to do to make this work. Some help
> > would be appreciated. :)
>
> > P.S. I am new to *this* list, if I missed something, let me know and
> > I'll make the necessary adjustments.
>
> I've been seeing some activity on the pfSense list, so I know it works,
> but no one has bothered to follow up on this and help me figure this out
> and it's 5 days old already :( I've never had mail such as this go so
> long, even on a low-traffic mailing list, unanswered.
>
> Wireless now works and I can correctly route out over the internet. I
> have *nfc* what I did, but it works. And the firewall is correctly
> blocking all incoming traffic as expected.
>
> My problem now is that I am trying to open port 2500 on the outside and
> redirect it over my LAN to my Gentoo box where I have a web-server
> running (for my own private purposes). I've added the NAT rule and it
> successfully created the firewall rule, but the port is still not open.
> I'm not sure what I did wrong here but some screenshots can be seen here
>
> http://imageshack.us/photo/my-images/228/screenshot43e.png/
> http://imageshack.us/photo/my-images/215/screenshot42h.png/
> http://imageshack.us/photo/my-images/853/screenshot44v.png/
> http://imageshack.us/photo/my-images/585/screenshot48p.png/
> http://imageshack.us/photo/my-images/847/screenshot49y.png/
>
> If I've missed something, please let me know and I shall provide it.
>
>
> --
> > Chris Brennan
> > --
> > A: Yes.
> > >Q: Are you sure?
> > >>A: Because it reverses the logical flow of conversation.
> > >>>Q: Why is top posting frowned upon?
> > http://xkcd.com/84/ | http://xkcd.com/149/ | http://xkcd.com/549/
> > GPG: D5B20C0C (6741 8EE4 6C7D 11FB 8DA8  9E4A EECD 9A84 D5B2 0C0C)
> ------------------------------------------------------------------------
>

Your firewall rule is wrong.  It needs to allow from ANY source port to 2500
destination port.  The source port is random from the client and the port
that you want to open on the firewall is 2500.  When you redirect that to
port 80 using port forwarding, that is after it has already passed through
the firewall successfully.

It looks like you are using pfSense 1.2.x.  If you can update to one of the
2.0 release candidates (I don't know how updates work for the
Netgate-branded version), it has a feature that will automatically create
the proper firewall rule when you forward a port.

Moshe

------------------------------
Moshe Katz
-- [email protected]
-- +1(301)867-3732
