Netgate SG-1000 microFirewall

Author Topic: Firewall, Port forwarding Help  (Read 410 times)

0 Members and 1 Guest are viewing this topic.

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 15761
  • Karma: +1502/-210
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: Firewall, Port forwarding Help
« Reply #15 on: December 27, 2017, 11:10:57 am »
Fixed... Wow what a mess that was...

vpn client pulling routes, outbound nat source natting to lan2 interface..  Working now.

If you want to use a vpn client and port forwarding inbound, then you have to correctly set that up - you can not force all traffic out your vpn by pulling routes and expect inbound traffic into your want to answer via your vpn.

And a downstream nat to boot ;)

« Last Edit: December 27, 2017, 11:44:47 am by johnpoz »
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.4.3-RELEASE (work)
1x SG-3100 2.4.3-RELEASE (work)
1x SG-4860 2.4.3-RELEASE (home)

Offline z71prix

  • Newbie
  • *
  • Posts: 19
  • Karma: +1/-0
    • View Profile
Re: Firewall, Port forwarding Help
« Reply #16 on: December 27, 2017, 11:47:37 am »
Thank you so much for your support!!! 

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 15761
  • Karma: +1502/-210
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: Firewall, Port forwarding Help
« Reply #17 on: December 27, 2017, 12:45:26 pm »
Your welcome - but the info about your vpn client and that you were double natting downstream of pfsense is helpful info.

I do not see why your downstream natting other than you are leverage some old router for something... Just use it as switch or AP, it makes no sense to double nat, etc.  And for sure would make it a real pain to port forward to anything behind that downstream router.
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.4.3-RELEASE (work)
1x SG-3100 2.4.3-RELEASE (work)
1x SG-4860 2.4.3-RELEASE (home)