Introduction
In this guide, we will learn how to set up port forwarding on OPNsense to allow external access to services hosted on internal servers or devices.
Prerequisites
Before proceeding, ensure you have:
- An OPNsense firewall appliance
- Access to the OPNsense web interface
Step 1: Log in to OPNsense Web Interface
Open a web browser and navigate to the IP address of your OPNsense firewall appliance. Log in with your username and password.
Step 2: Navigate to Port Forwarding
In the OPNsense web interface, go to Firewall > NAT > Port Forward.
Step 3: Add Port Forwarding Rule
Click on the + (plus) button to add a new port forwarding rule.
- Interface: Select the interface where traffic will be forwarded (e.g., WAN).
- Protocol: Select the protocol (e.g., TCP).
- Source: Leave as any unless you want to restrict the source IP addresses.
- Destination: Enter the IP address of the internal server or device.
- Destination port range: Enter the port or range of ports on the internal server.
- Redirect target IP: Enter the IP address of the internal server.
- Redirect target port: Enter the port on the internal server where traffic will be forwarded.
Step 4: Save and Apply Changes
Click on Save and then Apply Changes to activate the port forwarding rule.
Step 5: Test Port Forwarding
Test the port forwarding rule by accessing the external IP address of your OPNsense firewall appliance along with the specified port in a web browser or using a network tool.
Conclusion
Congratulations! You have successfully set up port forwarding on OPNsense to allow external access to services hosted on internal servers or devices.