Jump to content
Not connected, Your IP: 3.21.44.115
stryk3rr3al

ANSWERED Port Forwarding Returns 110 in Opensense over Wireguard Tunnel?

Recommended Posts

Hello, 

I've followed the guide on the Opnsens page to setup selective routing to AirVPN over wireguard. 
Everything's working great except port forwarding over the VPN tunnel, it seems like the traffic is never even reaching the Wireguard WAN gateway I have setup because I don't see packets flowing in a packet capture for the forwarded port. 

I'm using the Fang server in Chicago and I've included serval screenshots of my OpnSense Wireguard config. 
Also I've tried manually creating a rule under the Wirguard_VPN_Wan instance with a reply to address as the Wireguard wan and that has not worked.
I also checked that the client was not blocking the connection, network adapter was set as private and firewall was disabled, yet applications are not receiving traffic over my forwarded ports. 
Can anyone here offer any insight into what the problem could be? I do have 1:1 Nat enabled, so external IP's can be accessed internally, but I'm not sure that would even cause problems with port forwarding. 

Does anyone have any suggestions or ideas for what could be broken in OpnSense, or what I'm doing wrong? 

Snag_7e98776.thumb.png.4af7d6055e6ff80598adcf74d8e61526.pngSnag_7e98766.thumb.png.aec34e2f5fd9ee67dd6e1c767f96c9e2.png

Snag_7e98747.thumb.png.ca889172f0cce1d7a5b608d33822b66e.png

Snag_7e98737.thumb.png.25956ea49609995d81fc5975c73cdb14.png

Snag_7e98718.thumb.png.7ecaf5b34582cd627ed370982bfeb643.png


Snag_7e986fa.png.c8c0da9fb43a2c6ec3cf101c222ee55a.png

Snag_7e986f9.png.63af7c0e4d2fff9617938848abf0f1d4.png

Snag_7e98795.thumb.png.03054e874fea97c7feaa5c1901f59f61.pngSnag_7e98785.thumb.png.cc3536a49814201c4cb17b604f5512ad.png



 

Share this post


Link to post

Port forwarding is working now. 

Two things caused the issue for me. 
1. The default firewall rule created when port forwarding is broken.
2. The Antivirus software on my computer was blocking the connection. 

Fixes: 

Issue 1 --->
In case this helps anyone in future - When creating a port forward for a Wireguard interface in OPNSense, the automatic firewall that is created doesn't work.

To fix this, go to the wireguard interface firewall rules.  Create a new rule that's the same as the automatic firewall rule, except click "Advanced features: Show/Hide" and set "reply-to" to the wireguard interface.  Then go back to the port forward rule and set "Filter rule association" to "None" to remove the original (broken) firewall rule.

Issue 2 ---> 
Adjust the firewall rules on the computer to allow the connection


 

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...