The pfSense Store

Author Topic: Portforwarding FIN_WAIT_2:FIN_WAIT_2  (Read 122 times)

0 Members and 1 Guest are viewing this topic.

Offline delan009

  • Newbie
  • *
  • Posts: 4
  • Karma: +0/-0
    • View Profile
Portforwarding FIN_WAIT_2:FIN_WAIT_2
« on: November 22, 2017, 03:09:13 pm »
The situation :

Wan fixed ip
Lan 10.70.200.254
VLAN 100 : 10.70.100.254
VLAN 180 : 192.168.3.1

Rules on VLAN's everything to everything

Device 192.168.3.28(with webservice) on VLAN 180
I can reach this device from VLAN 100, no problem

Now i want to reach this device from outside.

I created a NAT portforwarding.
The port i choosed was 42536. The setting :

     INT     pro  SA  SP  dest.adr          dest.p.  NAT IP             NAT Port

    WAN   TCP   *   *   WAN address   42536   192.168.3.28   (http)80

I checked the port and this is een open port (portchecker)

When i go to ip-Wanadress with port(42536) from home, i get follow (in the state table) :

Interface   protocol   source(original source)   Destination(original destination)           state                                   pakkets    Bytes

WAN         TCP          home-address:55177     192.168.3.28:80(wanaddress:42536)   FIN_WAIT_2:FIN_WAIT_2    6 / 4         658 B / 257 B

So i get no website due the Fin_Wait_2

What (where) can i do to solve this problem?

It's already day's i struggle with it.

Please help me


Offline johnpoz

  • Hero Member
  • *****
  • Posts: 14468
  • Karma: +1340/-200
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: Portforwarding FIN_WAIT_2:FIN_WAIT_2
« Reply #1 on: November 22, 2017, 03:12:49 pm »
So your trying to do nat reflection - did you enable that?  test your access from the actual outside.. Not a nat reflection.
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.3.4_p1 (work)
1x SG-4860 2.4.2-RELEASE-p1 (home)

Offline delan009

  • Newbie
  • *
  • Posts: 4
  • Karma: +0/-0
    • View Profile
Re: Portforwarding FIN_WAIT_2:FIN_WAIT_2
« Reply #2 on: November 22, 2017, 03:23:07 pm »

NAT Reflection mode for port forward is disabled (system-advanced-firewallNAT)

I have enabled on pure NAT  --> no connection and still FIN_WAIT_2

i have enabled NAT + Proxy  --> no site and still FIN_WAIT_2

Thanks for reply

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 14468
  • Karma: +1340/-200
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: Portforwarding FIN_WAIT_2:FIN_WAIT_2
« Reply #3 on: November 22, 2017, 05:14:53 pm »
You do undestand fin_wait 2 is normal after fin.. Normally this is a faulty application.. And you sure your not looking at old states..

Why exactly do you even need nat reflection - just access the http directly.. Does your port forward work from outside... Then your down.. There is zero reason for nat reflection.. just use a host override to access the local IP be whatever name is you want that you use on the outside.
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.3.4_p1 (work)
1x SG-4860 2.4.2-RELEASE-p1 (home)