Can’t seam to figure this out and unable to follow what is suggested in other forums or directions. I am using a Pfsense firewall. My default LAN is 10.0.0.0/24. I have a VLAN 20 set up with a subnet 192.168.20.0/24. On this VLAN I have a Camera NVR on ip 192.168.20.21. I have the Web UI for this NVR set to port 8080. So when I am in the LAN subnet or the VLAN subnet I am able to access the web UI from a browser by using 192.168.20.21:8080. I need to open a port on the WAN to access this NVR. I have been able to open ports to the LAN for another service with success in the Tab: Firewall>NAT rules. However I have been unsuccessful in doing this to my VLAN subnet. I’m assuming I need to insert another rule somewhere. Hoping someone can help. Thanks
As long as the networks are defined in pfsense the port forwards are the same for LAN or VLAN networks:
This is my settings for the port forward to the VLAN address. Does it look right? I tried testing with yougetsignal.com and it still says the port is closed. Weird thing is I have a port open to another device on the LAN and that port is working. However when I check that port with yougetsignal.com it also says it’s closed. Very strange. Any suggestions on how to troubleshoot.
Is this your only or first NAT rule?
There seems to be missing some lines at the bottom: NAT reflection en Filter rule association.
Rule looks good, there is a chance that your ISP is blocking the port.
A lot of times I come across the port is not open on the NVR software firewall.
you might have to enable Services > UPnP for the camera traffic.
Thanks for confirming it looks correct. Not very likely that the port is blocked by the ISP. I have many clients in the area and I’ve never had an occasion where the port was blocked by the ISP. However I still find it odd that the other port is Open but the yougetsignal.com tool shows it being closed. Pretty confident the port is set on the NVR, because when I left the house I had to login to the web UI using :8080 at the end of the URL.
Interesting idea. I will probably try this.
I have one other NAT Rule. The port checker still says both ports are closed. Although the Port that I opened on the default LAN is working. NAT Reflection is set to default which is to allow hair pinning. Shouldn’t be an issue because I am off site at the moment.
shouldn’t the camera protocol be UDP (try TCP/UDP)?