If you use “None”, you would have to create a WAN rule manually for the NAT port forward rule to be fully functional.Īs you can see, creating a NAT port forward rule is not much more difficult than a WAN rule. It is very important that you do not have this option set to “None” because the port forward rule will not work properly. Set it to “Add associated rule” if you wish to see the automatically generated WAN rule or to “Pass” if you prefer to see only the NAT port forward rule (you cannot use “Pass” in multi-WAN situations according to the OPNsense documentation). Important: The only remaining option you need to make sure you set is the “Filter rule association”. That is the IP/port of your internal server. You will notice a couple of options for the “Redirect target IP” and the “Redirect target port”. The first several options are identical to the WAN rule except the port is HTTPS for the web server. Like with the WAN rule, the WAN interface will be the default selection for the “Interface” dropdown. In the example below, assume there is a web server in the DMZ network. Go to the “Firewall > Rules > NAT > Port Forward” page to create a NAT port forward rule. NAT Port Forward RuleĪ NAT port forward rule allows you to host a service inside your network such as a web server. That is pretty much it for the WAN rule! (Note that WireGuard requires more configuration than the WAN rule such adding the outbound NAT rule, but this example is just for illustration purposes). When accessing the service on your router remotely, the public facing address is the destination address. WAN rules typically use “WAN address” as the “Destination” since “WAN address” refers to your public IP address (if it is your main router plugged into your modem). “WAN” should be already set in the “Interface” dropdown since you are on the WAN interface firewall rule page. The “Action” should be “Pass” to allow the connection. One example of a WAN rule would be to access your WireGuard VPN running on OPNsense. If you have a Plex Media Server or Nextcloud on a server in your network and want to open access to the outside world, you will want a NAT Port Forward rule.
If you run OpenVPN or WireGuard in OPNsense, you will want a WAN rule. Generally speaking, WAN rules should be used for any service running directly on your router and NAT port forward rules for any service host on a server in your internal network (either virtualized or physical). Knowing when to use a WAN rule versus a NAT Port Forward rule may be confusing to new users.
#Free port forwarding utitlity how to
Understanding how to forward ports and create firewall rules for the WAN interface of your router is important if you wish to access services hosted on your router or a server in your internal network.
0 kommentar(er)
