Pfsense port forwarding Pfatt

For the love of me I can’t get port forwarding to work what do u guys need to see to be able to help me out I have att fiber and I’m using pfatt to bypass the modem also I have a range of static ip that I can’t figure out how to use with pfsense setup

(I don’t have AT&T fiber and 10 minutes ago I didn’t know what pfatt was, but I still have some ideas)

  1. When you say you use pfatt, does that mean you followed this guide?
  2. Have you verified that your WAN IP is globally reachable and there is no carrier grade NAT?
  3. The easiest way to enable port forwarding is to set Filter rule association in the NAT rule to Pass.
  4. Post a screenshot of your NAT rules table. That’s a start.

I followed that guide have that all working. I do I find out if there is a carrier grade nat

Either you can try to ping the firewall from a device on the internet (given a respective PASS-rule on the WAN interface) or you can compare the firewall’s WAN IP with the IP address reported from a "what’s my IP " site, e.g

If CGN can be ruled out, a screenshot of either the port forwarding table or the individual rule would help.

Ping the public ip but
It times
Out gonna look at settings first


You only showed firewall rules. Port Forwarding isn’t done there, its done under Firewall > NAT.

Sorry about that

Looks like your NAT configuration is off. Assuming you want traffic coming in on your WAN interface on port 32400 to be redirected to an internal host on the same port, your first rule should have these settings:

  • Interface: WAN (you currently have this set to LAN, which is why it can’t work)
  • Protocol: TCP
  • Source address: *
  • Source Ports: *
  • Dest. Address: WAN address
  • Dest Port: 32400
  • NAT IP (redirect target IP):
  • NAT Ports (redirect target port): 32400
  • Filter rule association: set to Pass for now, when it works you change it later for more fine-grained control

If you correct the first rule, the second rule won’t be needed. Regarding the third rule visible in your screenshot, the port is not a standard Plex port. If your Plex server listens on that port it is of course absolutely fine to use that port number, just be aware that some Plex ports are UDP instead of TCP. Also, to make that third rule work, make sure the Dest. Address is set to WAN address.

Basically, for any “standard” port forwarding functionality as known from consumer routers, use the following settings and fill in the rest respective to the application:

  • Interface: WAN
  • Source address: *
  • Source Ports: *
  • Dest. Address: WAN address

I’m going to try to fix that tonight when I get home from work I’ll let you guys know what
The results are

The third rule I was trying different things to see if I could get it to work

To use multiple WAN IP’s in pfsense you set them up as an alias on the WAN Interface, dead easy.

Its under Firewall > Aliasses

Thanks so much folks it finally showing as open

Thy all worked but when I turn on the vpn using mullvan the client app on that pc I try my ports
Are showing as closed I’m trying to use
The port mullvan assign me so not sure how I get
That port to open

This is what I’m working with

Why are you running a VPN client on your plex server? Anyway, that VPN client is probably set to prevent all non-VPN communication while it is running, because a VPN like that is usually used in a “hostile” environment.

I’m using the VPN for the torrenting program I run on that client is there a better way to do it I’m open to suggestions