Page 1 of 3 123 LastLast
Results 1 to 10 of 29
  1. #1
    Newbie
    Join Date
    Jun 2020
    Posts
    12

    Question Port Forwarding Not Working

    Hello,

    I'm having a bit of an issue with port forwarding. It appears to not be working for some reason. For the example, I'm trying to get Plex to work for remote access, so I'm using the default port of 32400 to do that. I can get to plex just fine internally and use it, but I can't seem to get the port to forward to the outside. My set up is such:

    ISP > Modem > Untangle > Internal

    Eth0: WAN
    Eth1: DHCP (172.16.0.x)
    Eth2: Server (172.16.2.x)

    I'm adding a rule to Networking > Port Forward Rules as such:

    Conditions:
    Destined => Local
    Protocol => TCP
    Destination Port => 32400

    New Destination => 172.16.2.x


    Untangle has no problems getting a WAN address from the ISP either. For troubleshooting I disabled the Untangle firewall and tried using telnet-online.net to see if 32400 was open but was still getting a timeout. So I went back to Untangle and ran a packet dump on eth0 (WAN) and could see packets from the website to 32400 so they were getting to Untangle. I then did a connection test to 32400 from Untangle to verify there wasn't an issue with that and the connection succeeded so there doesn't appear to be a problem from untangle to the box, just something with traffic from WAN to the server interface.

    I also tried this with port 443 to an IIS server with pretty much the exact same set up and couldn't get that to work either but could see traffic from a dump on eth0 too.

    Any one have any ideas?

  2. #2
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,660

    Default

    Assuming WAN has an internet routable IP address, and the port forward is translated correctly (screen shot would be better)

    It looks to me like your rule is fine. It looks to me like your ISP is preventing you from hosting anything, ingress filtration happens.

    Want to test? https://WANIP:32400 from inside your network should open Plex's website. If that works, the NAT translation is online, and the server is configured correctly. The only explanation for it not working publicly is your ISP... unless you configured firewall rules or filter rules to block it, Untangle doesn't block anything by default.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #3
    Newbie
    Join Date
    Nov 2019
    Posts
    14

    Default

    Isn't an access rule needed as well as the port forward rule ?

  4. #4
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    8,842

    Default

    Quote Originally Posted by ncksh View Post
    Isn't an access rule needed as well as the port forward rule ?
    No, port forwards do not need an access rule.

    Run the packet test on the port to see if the modem is passing the packets to the Untangle.
    https://<your LAN IP>/admin/index.do#config/network/troubleshooting/packet
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  5. #5
    Newbie
    Join Date
    Jun 2020
    Posts
    12

    Default

    Hi,

    As stated i am seeing traffic come from the WAN using a packet capture. It's just not forwarding it to the LAN side. This previously worked before I had untangle set up with a generic ASUS router using the default firmware/OS so it's not an ISP issue.

    Thanks!

  6. #6
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,660

    Default

    Then you screwed something up when you swapped routers. The ASUS doesn't have the ability to run two LANs, yet you indicate you're doing so here. I think something is wrong with the way you segmented your network. Fix that, and the port forward comes along for the ride.

    Are you using static IP's anywhere? Because a static assignment on the Plex server with the wrong gateway IP address would cause this.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  7. #7
    Untangle Ninja
    Join Date
    Jan 2011
    Posts
    1,268

    Default

    Quote Originally Posted by lopezcaleb1 View Post
    Hi,

    As stated i am seeing traffic come from the WAN using a packet capture. It's just not forwarding it to the LAN side. This previously worked before I had untangle set up with a generic ASUS router using the default firmware/OS so it's not an ISP issue.

    Thanks!
    did you try a packet capture on the LAN interface instead to see if the packets are going out? I suspect the traffic is actually being blocked by the firewall on the machine running Plex, or Plex itself, not Untangle. Why? Well, Untangle port forwards just work, there's no magic involved, and Untangle doesn't block any traffic you didn't explicitly tell it to block. In other words, I think you're barking up the wrong tree here.

  8. #8
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,177

    Talking Welcome

    ...to Untangle, and the forums!

    I don't have any additional ideas.
    http://wiki.untangle.com/index.php/Port_Forward_Troubleshooting_Guide

    Quote Originally Posted by lopezcaleb1 View Post
    Hello,

    I'm having a bit of an issue with port forwarding.

    I also tried this with port 443 to an IIS server with pretty much the exact same set up and couldn't get that to work either but could see traffic from a dump on eth0 too.
    I just wanted to point out that this is one of the few scenarios that NGFW will get tangled up in.

    Therefore, it is not the best test case.

    If this is something you need to do, forwarding port 443 can be done, but does take a bit more work.
    http://wiki.untangle.com/index.php/Services

  9. #9
    Newbie
    Join Date
    Jun 2020
    Posts
    12

    Default

    Hi,

    Plex is set up on a static IP on 172.16.2.x network and can ping the gateway (172.16.0.1), an internet IP (1.1.1.1) and IPs on the 172.16.0.x network so I don't think it's segment issue. Untangle can also ping the Plex server and open a telnet/connection test to port 32400 to Plex.

    I did a dump on eth2 (Server) and i'm not seeing anything from port 32400 during the telnet test, just on the eth0 (WAN) so again I really think it's something with Untangle. Just not sure what. If I'm not providing enough info please let me know. I'm just at a loss since, as stated above, it should be pretty straight forward from what I can tell.

    Thanks!

  10. #10
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,177

    Default

    Quote Originally Posted by lopezcaleb1 View Post
    Hi,

    Plex is set up on a static IP on 172.16.2.x network and can ping the gateway (172.16.0.1
    The 172.16.0.1 network is routable (for the ping), but it should not be the default gateway for the 172.16.2.1 network.
    And ping does not tell the whole story.

Page 1 of 3 123 LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2