Configuring NAT on pfSense - VincentSaelzler/HomeLab GitHub Wiki

Overall Notes

This configuration forwards bitcoin traffic to a host on the LAN. The same principles would apply for any other service.

pfSense Firewall

Services / DHCP Server / LAN

https://github.com/VincentSaelzler/HomeLab/blob/master/Images/2019-05-13%20pfSense%20DHCP.png

Firewall / Aliases / IP

https://github.com/VincentSaelzler/HomeLab/blob/master/Images/2019-05-13%20pfSense%20Alias%20IP.PNG

Firewall / Aliases / Ports

https://github.com/VincentSaelzler/HomeLab/blob/master/Images/2019-05-13%20pfSense%20Alias%20Port.PNG

Firewall / NAT / Port Forward

https://github.com/VincentSaelzler/HomeLab/blob/master/Images/2019-05-13%20pfSense%20NAT%20Forward.PNG

Firewall / Rules / WAN (Should be auto-created).

https://github.com/VincentSaelzler/HomeLab/blob/master/Images/2019-05-13%20pfSense%20Rules.PNG

Troubleshooting

Test from LAN

This will rule out firewall issues.

In this particular example, I never changed anything from the default configuration. Bitcoin is currently installed on Ubuntu 16.04 LTS.

Testing from LAN seems to work. First, tested a random port (that shouldn't be open), then tested the actual Bitcoin port.

root@pve1:~# netcat -zv bitcoin0.vnet 8384
bitcoin0.vnet [192.168.27.220] 8384 (?) : Connection refused

root@pve1:~# netcat -zv bitcoin0.vnet 8333
bitcoin0.vnet [192.168.27.220] 8333 (?) open

Reboot

When in doubt, reboot it out!

At first, I couldn't connect to port 8333 from the public internet. Rebooting the pfSense router fixed the issue!