Netgate SG-1000 microFirewall

Author Topic: Forwarding problem (pf sense behind router)  (Read 130 times)

0 Members and 1 Guest are viewing this topic.

Offline thewindisover

  • Newbie
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
Forwarding problem (pf sense behind router)
« on: January 02, 2018, 02:48:12 pm »
Hello guys!

I've been trying to solve this problem for quite some time without any success.

I would like to access my NAS Server from outside of the pfsense box (the internal network e.g 192.168.0.100) and also from the outside of the network (Internet). Therefore I would like to ask for some guidance on how to successfully set this bad boy up. Lets say I want to access port 9987 on my NAS server.
I would also highly appreciate some explanation on how to do it.

pfsense box:

WAN: 192.168.0.216
LAN: 192.168.1.1
ISP router: 192.168.0.1
For further information see the attachment below.

Cheers, Joe

Offline KOM

  • Hero Member
  • *****
  • Posts: 5831
  • Karma: +710/-23
    • View Profile
Re: Forwarding problem (pf sense behind router)
« Reply #1 on: January 02, 2018, 02:54:39 pm »
You have a double-NAT config which will make this harder.  Basically, you need a way to tell your ISP modem to forward to pfSense, which will then forward again to the device.  Unfortunately, most ISP modems do not have any intelligence in them and you will not be able to add or modify their rules.  Far better to put the modem in bridge mode so that PfSense gets your WAN address.  But even then you're still in private space, so there is yet another level of NATing going on here to get you to the public Internet.  With all these levels of NAT, you're going to find it difficult to share anything.