PfSense 2.0.1 Disable NAT Reflection For Port Forwards
Nov 20, 2012
I'm using PfSense 2.0.1. What im trying to do is connect to a game server I have running here in my house. I can connect to it locally with 192.168.8.6 no problem. I have it port forward correctly so that the rest of the world can connect to it via my WAN ip address. The problem comes is I want to be able to connect to it with my WAN address so that if someone decides to follow me STEAM will show my WAN address not my internal IP address of the server im connected to. I have "Disable NAT Reflection for port forwards" UNCHECKED which is what I am supposed to do according to documentation from PfSEnse. But it still doesn't seem to work.
View 5 Replies
ADVERTISEMENT
Jan 8, 2012
I have followed directions and forwarded the two ports to the local machine. I looked in the router setup to find my current public ip address from Comcast say its 98.221.99.99. If I am on the same network as the machine that is receiving the port forwards, and I type http:// 98.221.99.99 in a browser, the forwarding works fine.If I am external/not on the same network, typing http:// 98.221.99.99 in a browser times out. I have tried http:// 98.221.99.99:9000 too (9000 is the port I need forwarded) and that doesn work either.But, I do have remote management enabled for the router and if I am external/not on the same network and I enter http:// 98.221.99.99:8080 in a browser, I get the router login screen and can enter my user name and password and login to the router just fine.
View 11 Replies
View Related
Sep 26, 2012
Linksys BEFSR41 4.2 Main router 192.168.2.1, if I cascaded a second Linksys BEFSR41 4.2 LAN to LAN 192.168.2.2 would I be able to port forward on the second router? I need more than 10 port forwards.and if so would I have to set the second router up with the internet provider log in and password like the first router?
View 4 Replies
View Related
Aug 19, 2012
I am trying to set up a Cisco ASA 5510 running 8.2 to allow a connection to a Polycom camera that sits behind it. What I want to do is forward multiple ports to allow a connection from an outside office. The polycom camera uses the following ports:
1720 tcp
3230-3235 tcp
3230-3253 udp
I got these port numbers from the Polycom web site. So what I did was create a service object as follows:
object-group service All-Polycom-ports
service-object tcp range 3230 3235
service-object tcp eq h323
service-object udp range 3230 3253 My question is how can I use this service object in a static (inside,outside)
command so that I don't have to create multiple commands for the port forwarding. Is this even possible or do I have to sit down and write out around 30 seperate commands to do this. I've been searching the web and it seems a lot of people want to do this but so far I haven't found an answer.
View 3 Replies
View Related
Apr 19, 2012
Background: currently have a WRT320N, thinking of upgrading to an EA4500 assuming ONE feature has been improved: Port Forwarding.
Scenario: Currently I have a WRT320N router, and while it "does everything we need" it has one limitation that is now getting in the way: limitation on number of forwardable ports. In the port forwarding panel, it has 15 total rows: the first five rows can be enabled for specificaly named services (SMTP, FTP, etc). The last 10 rows are fully customizable in that we can set the name, ports and protocol.
The problem is that of the 13 total ports I currently need to forward, only ONE of them is listed in that fixed list. So, sadly, I can only use one of those first five rows. I've now filled the remaining ten custom rows, and still have need for two additional ports (for now, may need more down the road).
Trying to get creative, I figured maybe I could just spill over to the Port Range Forwarding page and add a row or two there. The only problem: it's buggy. I've found that if the Single Port Forwarding list is filled, then the Port Forwarding Range entries don't work properly. For example, if I wanted ports 12345 and 12346 forwarded to 192.168.1.5, they work fine with two single port forwarding entries. However, if I delete those, add two other port lines I need forwarded (the single list being full again), and add a port forwarding range 12345..12346, they don't work properly, ports just are closed. Only the singles work, the ranges don't.
Question: Has the EA4500 resolved this issue and allow for either more lines (i.e. 20 customizable entries instead of 10), or, better, does it just have an [Add Entry] button to allow for additional rows to be created? In today's day and age, where one single device (such as an Xbox) can take four rows, a 10-row limit is pretty sparse. Comparing it to some competitors, for example the D-Link DIR-825 (aging, but still great) allows you to add as many as you want.
I realize "expensive" firewalls like SonicWall's have virtually unlimited customization, but I don't need many of the additional features and don't want to spend $350 on a "high-end" firewall to solve the problem of needing two more ports open.
View 4 Replies
View Related
Nov 18, 2012
recently we have purchased Reflection - an AirPlay mirroring software. Basically install Reflection in the laptop and you can view the screen of the iPad or iPhone via wireless network. we have tested in home wireless network no problem, but when connect to the cisco network, the iPad didn't recognize the REFLECTION installed in the laptop.
we are running WLC 5508, WLAP AP-1331AG, we can ping from laptop to the iPad laptop and ipad can access network without any issue. there is no any application port has been blocked between the client via wifi extra details for REFLECTION: [URL]
View 4 Replies
View Related
Jul 9, 2011
I want to use vertrigo localhost but due to port 80 enable it is not runing so how can i disable this port.
View 2 Replies
View Related
Mar 21, 2011
I can't download WAMP and am told Port 80 is blocking it. How can I resolve the problem?
View 1 Replies
View Related
May 25, 2012
I want to forwards some ports for my PS3 however. I am using [URL] to do it. I use IE, I go to port forward, I set everything up like it shows and put in my PS3 IP, and I choose save settings. When it comes back after rebooting, nothing is saved. Everything I put in has vanished.
View 5 Replies
View Related
Jun 18, 2011
I'm trying to configure Hp1810-24G and pfsense firewall with no success. I' would like to create two virtual lan on swich which share same internet connection. To simplifing I suppose
vlan 2 port 1-12
vlan 3 port 13-23
port 24 pfsense lan connection
What altready I do on pfsense I create vlan 2 called 1STVLAN VPID 2 and vlan 3 called 2NDVLAN VPID and assigned to them to LAN pfsense real port enabled and gived a static ip to them on HP procure I create two vlan with
vlan 2 port 1-12 untaged 13-23 Excluded 24 tagged
vlan 3 port 1-12 exluded 13-23 untagged 24 tagged
the problem is that I don't be able to speak with pfesense (ping failed on real lan ip and virtual lan ips) so I don't have also internet connection.The ethernet card i'm using are old (i have built the pfesense computer on spare parts that I have at home) so can be a driver issue?
View 1 Replies
View Related
Apr 1, 2013
What could cause this log message and put the port in errdisable?
15w2d: %ETHCNTR-3-LOOP_BACK_DETECTED: Loop-back detected on FastEthernet0/22.
15w2d: %PM-4-ERR_DISABLE: loopback error detected on Fa0/22, putting Fa0/22 in err-disable state
15w2d: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/22, changed state to down
View 19 Replies
View Related
Apr 1, 2012
In my home setup I have an PFsense firewall wich is doing all the routing right now, but right now my net speed is maxing out about 500mbit, i my think it's the pfsense hardware, but its an 1500Mhz C7 VIA with 2Gb ram, I just bought two new switchs, HP-1910-24g and a HP 5500-24G they can do some layer 3 routing, will my speed get a bumb up when the switch is doing some of the vlan routing.
View 2 Replies
View Related
Feb 27, 2012
I wanna get one of the following Atom boards for a Pfsense box:
X7SPA-HF-D525 Mini-ITX - [URL]
X7SPE-HF-D525 FlexATX - [URL]
X7SPA-HF D510 Mini-ITX - [URL]
X7SPE-HF D510 FlexATX - [URL]
And put it in this case: [URL]
However, I can't find any info on which style motherboard is compatible with the expansion slot on the front of the case. I know you need a riser card to extend the PCI-e slot to the expansion slot, but since FlexATX and Mini-ITX are difference shapes/lengths, I don't know if the case's expansion slot is designed to only work with one or the other.
View 5 Replies
View Related
May 1, 2011
so I have a new Supermicro X7SPA-HF-D525 Mobo 4GB ram comming in and am wondering what firewall software I should put on it. This is for home use. Currently im running DD-WRT on an Asus 520GU, so anything is a step up. I have played with both, though Untangle only for about 20 or so mins on a VM, and pfSense for about an hr or so on an old P4.
By first glance at the untangle, one thing I didnt like was it looked like if I wanted anything I had to pay a yearly subscription for the same stuff that was offered for free or already included in pfSense. But i see alot of people swaring by Untangle.
View 19 Replies
View Related
Dec 13, 2011
I have gotten myself a neoware e140.It has an VIA 800MHz CPU with 128MB Flash and 128MB DDR2 RAM.he one I received a spare PCI slot which is occupied by a matrox graphic card Matrox Epica card. It shows up in the System Specs as a TC4 but I think it is a TC2.
It comes with this special adapter which splits into two DVI adapters. Each of these adapters supposedly can drive 2 monitors (I have no clue how).
The box currently has some neoware linux on it.I want to make a pfsense box out it to have support for a dual WAN setup. I have never dealt with this kind of stuff before and do not even know how to load the OS on the flash etc.
View 19 Replies
View Related
Apr 19, 2013
I am building a new VPN Anyconnect solution. I want the traffic to enter a interface and that traffic should be forwarded to my "VPN-Machine".
The system is a ASA5520 with old software, I am not at work now so i cannot tell exactly.
So my question is, how do i make the traffic enter one interface and being forwarded to another? I have splitted the physical interface to several sub-interfaces.
View 5 Replies
View Related
Sep 11, 2011
How do I disable the USB port in the 881 router?
881router#show usb port
Port Number: 0
Status: Disabled
Connection State: Disconnected
Speed: Full
Power State: ON
View 3 Replies
View Related
Aug 2, 2012
I have several SF300 switches deployed (SF300-08, SF300-24P). They are connected to IP Telephones (NEC) which communicate with the switch for auto voice VLAN on LLDP. The problem I am experiencing is that periodically the IP telephones are rebooted by the telephone vendor and when they do the switch puts that port into "Locked" port security mode and discards all traffic to the port. The IP telephones of course do not work. In other switch models, I have seen the ability to enable / disable port security switch wide or on a port by port basis. This model does not appear to have this feature. How to disable or why the phones would cause the switch ports to "lock"? There is usually one PC attached to each phone.
View 1 Replies
View Related
Mar 1, 2010
I have upgraded a couple of 2960G switches to 12.2.52SE and now discovered that TCP port 4786 is open on the switches.
I have looked in the document{URL}, trying to find a way to disable this function/port, but didn't find anything useful. Any way to disable this function/port?
View 3 Replies
View Related
May 8, 2013
trying to get my ducks in a row for replacing a Cisco 5510 and a Barracuda Link Balancer with a virtual pfSense appliance. This is partially due to eliminating support contract costs (nearly $3k annually between both appliance) and partially to utilize the redundancy and fault tolerance that our virtual environment can provide. I'm also implementing a colo site for replication/DR this year so doing a tunnel from site to site would make it a lot easier with like for like virtual appliance firewalls.
The VPN aspect. We are currently doing Cisco VPN with Radius auth on the back end, this is seamless to setup from an end user perspective as they just hit a URL, download/install the ANyConnect client, and log in with their credentials. Is there a comparable alternative in pfSense? I'm leaning toward IPsec but it still doesn't seem as seamless as what we currently have in the ASA.
View 8 Replies
View Related
Jan 18, 2012
Ask this question, if someone came across a 6513, one of the RJ45 ports are constantly falling.The question is how to disable logging on a specific portno logging event link-status does not work.
View 1 Replies
View Related
Jun 20, 2012
I have a Cisco 2960G switch and one of the ports was configured with srr-queue bandwidth limit 90 - I need to remove this bandwidth limiting from this interface. [code]
View 2 Replies
View Related
Jun 21, 2011
I am looking for a script or applet that will dis/enable an ethernet interface on Cat 6500 based on reachablity to an external destination. Reachability should be verified either directly by sending ICMP packets, or based on IPSLA status.
View 4 Replies
View Related
Jan 25, 2012
I am testing 2960 24 S with storm-control and Errdisable Port timer interval 60s , connected HUB on fa0/17 to make traffic / loop.After Strom Control detection the interface goes down thats ok after 60s they will try to recover the interface and going up although the loop is still there.For my understanding if the interface detect still a loop on that interface they will disable the port again for 60s and will check again. [code]
View 7 Replies
View Related
Jun 29, 2012
We have a number of 3750 stacks used as access layer switches connecting Siemens VOIP phones and then a PC that connects to the phone.
For example if I plug PC A to the phone that connects to port 13 I pick up an IP addressand all works as predicted now if I plug in PC A to any other VOIP phone that connect to another port on the same switch it goes in error disable state ITs like the switch is holding my PC mac address and locks it down with the port which in my case is Gi2/0/13.
interface GigabitEthernet2/0/13
switchport access vlan 726
switchport mode access
[Code].....
View 7 Replies
View Related
Dec 6, 2011
I have stacked WS-C3750E-24PD with Ten Gigabit Ethernet ports configured under ether-channel. It has c3750e-universalk9-mz.122-55.SE1.bin IOS installed on it. One of the Ten Gigabit Ethernet ports, goes to err-disable mode with following errors on that specific ports.
%SFF8472-5-THRESHOLD_VIOLATION: Te1/0/2: Tx power low alarm; Operating value: -31.0 dBm, Threshold value: -9.0 dBm.
%SFF8472-5-THRESHOLD_VIOLATION: Te1/0/2: Tx power low alarm; Operating value: -31.0 dBm, Threshold value: -9.0 dBm. (DROmx-1-1)
I have gone through some of CSC forums like {URL}. The workaround is to "Remove the X2 or SFP from the inactive up link port" which is not in my case.
View 9 Replies
View Related
May 10, 2013
In our company 3nos Cisco 3750 (WS-C3750-48P) access switch in stake mode. All port are assigned with voice and data Vlan also Avaya IP connected with this switches. From last few days tow port 2/0/7 and 2/0/8 is showing amber and status is showing err-disable. At Avaya end it is showing a message “ETHERNET WAITING” in phone dispaly. I try to connect laptop directly with these ports but it is showing "Cross Connectivity". [code]
View 4 Replies
View Related
May 29, 2013
After reboot WLC , the switch port was err-disable , the cause is link flap after we reboot 3 times , the switch port link flap err-disable every time? We don't know why the WLC rebboot will cause it , it just normal action on device the WLC version is 7.4.100.0 link switch with access port , no port channel , no portfast.
View 11 Replies
View Related
Aug 1, 2012
I am looking to simply monitor Port-Security , Error-Disable and HSRP. I would like to receive an email when any of these are triggered.
Port Security - Port Is shut down
Err-Disable - Port goes into err-disable state (securedown)
HSRP - When HSRP standyby changes are detected
I need to receive emails with any of the able are triggered. What is the easiest way to do this? I know SNMP is the main option but I have never worked with SNMP and dont understand it too much.
Equipment:
2x Cisco 1921 series routers
3x Cisco 2960 POE switches stacked
View 1 Replies
View Related
Mar 24, 2003
Currently it seems as our 3550's doesn't send traps when bpdu-guard sets a port in err-disable state. Or DFM doesnt recognize it.Is there a way to get a DFM alert when a 3550-port gets into err-disable state?
View 2 Replies
View Related
Oct 11, 2012
We have a Cisco switch in each office and every now and then the port that has the D-Link Wireless AP (DAP-1522) connected to it goes to err-disable state. Actually sometimes even a regular port that has a cisco phone connected may also go to err-disable state (less often). So I have to telnet into the switch and issue shut and no shut command on that interface to get it back to life, then it works for a few days or weeks until it happens again. Any suitable configuraiton for that interface, that would prevent that from happening or a workaround ?
Here's the info:
Model: cisco WS-C3560-24PS and cisco WS-C3560-48PS
Image:c3560-ipbase-mz.122-35.SE5.bin
This is the log from one switch:
31w5d: %PM-4-ERR_DISABLE: psecure-violation error detected on Fa0/2, putting Fa0/2 in err-disable state
31w5d: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 74e2.f592.f7f2 on port FastEthernet0/2.
31w5d: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to down
And from another, which is almost the same:
5d10h: %PM-4-ERR_DISABLE: psecure-violation error detected on Fa0/3, putting Fa0/3 in err-disable state
5d10h: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address d8a2.5e31.2cf6 on port FastEthernet0/3.
5d10h: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to down
5d10h: %LINK-3-UPDOWN: Interface FastEthernet0/3, changed state to down
Here's the configuration of fe interfaces (they are all alike):
interface FastEthernet0/2
description Voice & Data Combo Port
switchport access vlan 11
switchport mode access
switchport voice vlan 15
[code]....
View 3 Replies
View Related
Jan 23, 2012
I use windows xp and a BT home hub 2.0, i had my wifi set up so i could enable and disable wifi at my leisure. However every now and then i don't get the option to disable the wifi, so i normally have to reset my default admin password and enter my own password to eventually re use the enable/disabled option. But now i can't even do that so i'm stuck with permanent wifi. I did briefly manage to get the disable/enable option back by reset hub to factory settings but now it has gone again. What can i do? On my home network page where it reads devices currently connected to your BT home hub it has no devices detected for wireless.
View 1 Replies
View Related
Feb 2, 2011
I use VNC all over my LAN.How do I make sure that it's secure and disable connections comming from outside my LAN?would forwarding the VNC port to a non-existing computer work? or would that just break my local VNC connections?I currently have some using ultravnc and some using tightvnc
View 1 Replies
View Related
