Thank you for doing these. When my old firewall company went out of business, it was your tutorials that let me move to pfsense and feel pretty confident I was going to be safe after it was done.
I LOVE that you timestamp this video, others and podcasts so that future viewers will know if what you're speaking to may not apply to their future situations.
I believe many teachers I knew could learn from you how to present practical examples that do make sense. Infused with hints at best practices. Nice and clear explanations!
if you are stuck like i was when creating a port forward nat i could not hit the public ip from inside the network. Make sure you go to systems/advance/firewall & NAT and select Pure nat and also check Enable automatic outbound NAT for Reflection thanks to all!!
So the issue I’m having is that I am going to my wan address and it’s not connecting me to the ip address and port I gave it. I know it works because the website hosted on it is available inside the network by going to the ip. Why does port forwarding feel hit or miss?? It was literally working a couple of days ago and now just doesn’t
i' m from belgium.Make sure that on your pfsense wan is in PPPoE mode and that your bbox3 has PPP deactivated in "connectivité réseau ".I was trying to portforward my Ip cams to rtspme ,it didn't work until i deactivated PPP
Hi, i have Pfsense firewall and i have configure to allow 4700 port on my local server to access to WAN, but cannot access from WAN to 4700 port. please guide me to configure it.
Hello mate, how about you make a video of how to securely set up a gaming server on one of the Protectli ports running pfsense with two open ports? I'm trying to set up a server that will run Windowsgsm and Icarus and RUST games and won't get hacked and compromise the rest of the network. Regards
Thank you for these videos. 2 questions I’m trying to port forward for my Plex. I set a different port than the standard port for Plex. Which section do I put the external port in and then which section do I put the actual Plex port?l if I changed the port on the Plex side? Also I’m noticing that under the remote access settings in Plex is not pulling the correct LAN subnet after the port forward. I do have my Plex server on a different lan that has access to the WAN. What May be causing this? Thanks
I want to allow only emails on pfsense for specific IP alias? it may be gmail or yahoo etc ? how to allow only email services from pfsense on some specific devices? I shall be highly thankful
I'm thinking of replacing UDM-Pro for a SMB I manage but they have a 2gb download speed (not that they need it). Is there a semi inexpensive bare bones box with an SFP+ port on it that will route >1gbps? Its very hard to beat the price of the UDMP for >1gb routing + an 8-port switch and unifi protect.
You are a great teacher. Thank you! It worked great for me. My first Port Forwarding was to allow me to access via Remote Desktop, an internal virtual Windows Server 2019 running as a Proxmox VM and it worked great. I have three questions though: 1) Why is the "Destination" a WAN address? Isn't the destination supposed to be the internal server IP and Port I want to forward to? 2) I used the default MS RDP port 3389 but I later read somewhere that opening port 3389 was very dangerous as it is one of the easy targets for hackers. Can I use any unused and unreserved port for Remote Desktop? 3) Is there a list of ports that cannot be used by default as they are specifically reserved for services? Thanks!
Hi Tom, any chance that you could make a video explaining how to do port forwarding through Wireguard? Basically, I got a server that's behind a NAT firewall (Pfsense) and my ISP blocks ports. I want to be able to route any incoming connections through the Wireguard server (Linode's instance) to my server that's behind the NAT Firewall. I really like your videos, keep up the great work. Thank you
Let’s make a video of optical modules together, we sincerely invite you to cooperate with us, we have 10 years of experience in optical module sales and are a trustworthy company, looking forward to your reply~
Thank you for doing these. When my old firewall company went out of business, it was your tutorials that let me move to pfsense and feel pretty confident I was going to be safe after it was done.
I LOVE that you timestamp this video, others and podcasts so that future viewers will know if what you're speaking to may not apply to their future situations.
I believe many teachers I knew could learn from you how to present practical examples that do make sense. Infused with hints at best practices. Nice and clear explanations!
Great video. Thoroughly explained. No issues forwarding ports on my end. At least the ones my provider has open. Danm them.
Loved the video, I'm working with the access to some internal servers and using NAT in this moment, glad to know that is the correct way.
I never fail to learn cool and useful stuff watching your videos.
HOLY SHIT
Thank you finally a tutorial that explained things proper!
My Wireguard now FINALLY WORKS!
Thank you, this is exactly what I've needed for a while.
Thanks! That greatly help me with Port forwarding.
Thanks again for more pfSense tutorials. These are great to pass along to others.
Eazy peazy, saved me some time finding out... Thanks for the Share ! 👌
Awesome - I know I can reliably find videos on all the basics (and more) here.
if you are stuck like i was when creating a port forward nat i could not hit the public ip from inside the network. Make sure you go to systems/advance/firewall & NAT and select Pure nat and also check Enable automatic outbound NAT for Reflection thanks to all!!
So the issue I’m having is that I am going to my wan address and it’s not connecting me to the ip address and port I gave it. I know it works because the website hosted on it is available inside the network by going to the ip. Why does port forwarding feel hit or miss?? It was literally working a couple of days ago and now just doesn’t
add the server or pc hosting the things you want port forwarded as a static ip, makes it alot more reliable no misses
i' m from belgium.Make sure that on your pfsense wan is in PPPoE mode and that your bbox3 has PPP deactivated in "connectivité réseau ".I was trying to portforward my Ip cams to rtspme ,it didn't work until i deactivated PPP
Hi, i have Pfsense firewall and i have configure to allow 4700 port on my local server to access to WAN, but cannot access from WAN to 4700 port. please guide me to configure it.
I think there's an issue with my isp modem... I even configured the modem traffic to DMZ the pfsense WAN port but still doesn't work :/
With the Alias Port forwards does this only work with matched protocols?
How do you always know what I'm setting up before I do it?? Just got this working on opensense, pretty much the same way. Thanks Tom!!
Hello mate, how about you make a video of how to securely set up a gaming server on one of the Protectli ports running pfsense with two open ports? I'm trying to set up a server that will run Windowsgsm and Icarus and RUST games and won't get hacked and compromise the rest of the network. Regards
Thank you for these videos. 2 questions I’m trying to port forward for my Plex. I set a different port than the standard port for Plex. Which section do I put the external port in and then which section do I put the actual Plex port?l if I changed the port on the Plex side?
Also I’m noticing that under the remote access settings in Plex is not pulling the correct LAN subnet after the port forward. I do have my Plex server on a different lan that has access to the WAN. What May be causing this? Thanks
I want to allow only emails on pfsense for specific IP alias? it may be gmail or yahoo etc ? how to allow only email services from pfsense on some specific devices? I shall be highly thankful
You should really mention the port forward restrictions when you enable Reflection!
(Cannot use “any” as source!).
Thank you. This is useful
Great video, can you do a video on how to set up nut to use pfsense and synology with one ups
Sir, in my case i cannot access my application locally with wan ip address
Instead of Nat reflection, wuold highly suggest , as does the NetGate documentation suggests, use Split-DNS. Much simpler.
Sounds great until you have people using mobile devices that often ignore local DNS which is why both should be done.
@@LAWRENCESYSTEMS thats what overrides are for.
Unfortunately, for me, none of this works. I set up and follow tutorials and none of my ports are working. SO frustrating. 😞
I'm thinking of replacing UDM-Pro for a SMB I manage but they have a 2gb download speed (not that they need it). Is there a semi inexpensive bare bones box with an SFP+ port on it that will route >1gbps? Its very hard to beat the price of the UDMP for >1gb routing + an 8-port switch and unifi protect.
We use the Netgate6100
Is it possible to forward ports on Pfsense when HAproxy is enabled? And if so how?
I don't understand the question
You are a great teacher. Thank you! It worked great for me. My first Port Forwarding was to allow me to access via Remote Desktop, an internal virtual Windows Server 2019 running as a Proxmox VM and it worked great. I have three questions though:
1) Why is the "Destination" a WAN address? Isn't the destination supposed to be the internal server IP and Port I want to forward to?
2) I used the default MS RDP port 3389 but I later read somewhere that opening port 3389 was very dangerous as it is one of the easy targets for hackers. Can I use any unused and unreserved port for Remote Desktop?
3) Is there a list of ports that cannot be used by default as they are specifically reserved for services?
Thanks!
WAN is the external interface then it forwards to an internal. There is NO SAFE WAY to have RDP open to the internet, use a VPN.
@@LAWRENCESYSTEMSThank you very much for the info!
there is no possibilty to use SNAT. what would you recommend?
Not sure your goal, but this might be what you are looking for docs.netgate.com/pfsense/en/latest/nat/outbound.html
Awesome!
Hey Tom is there a possibility for you to make tutorials for Sophos etc? Thanks for all the years of helping us :)
Nope, I don't use Sophos or have any plans to do so.
I have tried it several times and the port is still closed.
Hi Tom, any chance that you could make a video explaining how to do port forwarding through Wireguard?
Basically, I got a server that's behind a NAT firewall (Pfsense) and my ISP blocks ports.
I want to be able to route any incoming connections through the Wireguard server (Linode's instance) to my server that's behind the NAT Firewall.
I really like your videos, keep up the great work.
Thank you
Don't think there is a way to do that
@@LAWRENCESYSTEMS What would you recommend as a solution? Thanks for the comment.
Don't really have one
Thank you sir ..
hello dear, could you make a video port forwarding through openvpn ( to conect with pfsense Wan ip to openvpn remote host ) thanks so much
that does not work.
@@LAWRENCESYSTEMS ohh why ?
Excellent. Thx.
The Elders of the Internet will not like it when you show it off so publically
Let’s make a video of optical modules together, we sincerely invite you to cooperate with us, we have 10 years of experience in optical module sales and are a trustworthy company, looking forward to your reply~
First