Cannot open any ports via NAT or firewall rule but existing ones work?

Hi All - I am trying to enable remote access for the Plex server and it requires the opening of ports in the 32xx range. 

I enabled the following DNAT rule: TCP 1:65535 → 32400.

Unfortunately the port remains closed when testing using this site (Open Port Check Tool) and on Plex Server's network config.

I tried a variety of port numbers and none of them seemed to work, which is very baffling. As a last resort, I tried a common port used by RDP, such as 3389, and the connection worked...

Lastly, I am also using the following rule on my UTM:

Internal (Network) -> any -> any

I've also reviewed the firewall log and below is the dropped packet:

2015:10:19-12:30:19 homestation ulogd[6592]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="ppp0" srcip="54.193.168.189" dstip="24.140.238.16" proto="6" length="60" tos="0x00" prec="0x00" ttl="47" srcport="2985" dstport="32400" tcpflags="SYN"


  • If you're using the "External (Address)" object for 'Going to', then you might have a problem with #3 in Rulz.

    If you can't get it going, click on [Go Advanced] below and attach a picture of the Edit of the NAT rule with the Plex Server Host definition in Edit with 'Advanced' open.  Also copy and paste one or two related lines from the full Firewall log file (Not the Live Log).

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Here we go on the firewall log:

    2015:10:20-13:56:48 homestation ulogd[12270]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="ppp0" srcip="107.20.89.142" dstip="69.165.161.58" proto="6" length="60" tos="0x00" prec="0x00" ttl="36" srcport="57776" dstport="32600" tcpflags="SYN" 
    
    2015:10:20-13:56:50 homestation ulogd[12270]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="ppp0" srcip="107.20.89.142" dstip="69.165.161.58" proto="6" length="60" tos="0x00" prec="0x00" ttl="36" srcport="57776" dstport="32600" tcpflags="SYN" 
    2015:10:20-13:56:52 homestation ulogd[12270]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="ppp0" srcip="107.20.89.142" dstip="69.165.161.58" proto="6" length="60" tos="0x00" prec="0x00" ttl="36" srcport="57776" dstport="32600" tcpflags="SYN"
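
To read drop records like the ones posted in this thread, the key="value" fields can be parsed and grouped per connection attempt, so that retransmitted SYNs do not look like separate events. This is an added example, not part of the original thread and not Sophos tooling; the function names are hypothetical, and the input is the four log lines copied from the posts above.

```python
import re

# Input: the four log lines copied from the posts above (Sophos UTM packetfilter log).
SAMPLE_LOG = '''\
2015:10:19-12:30:19 homestation ulogd[6592]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="ppp0" srcip="54.193.168.189" dstip="24.140.238.16" proto="6" length="60" tos="0x00" prec="0x00" ttl="47" srcport="2985" dstport="32400" tcpflags="SYN"
2015:10:20-13:56:48 homestation ulogd[12270]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="ppp0" srcip="107.20.89.142" dstip="69.165.161.58" proto="6" length="60" tos="0x00" prec="0x00" ttl="36" srcport="57776" dstport="32600" tcpflags="SYN"
2015:10:20-13:56:50 homestation ulogd[12270]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="ppp0" srcip="107.20.89.142" dstip="69.165.161.58" proto="6" length="60" tos="0x00" prec="0x00" ttl="36" srcport="57776" dstport="32600" tcpflags="SYN"
2015:10:20-13:56:52 homestation ulogd[12270]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="ppp0" srcip="107.20.89.142" dstip="69.165.161.58" proto="6" length="60" tos="0x00" prec="0x00" ttl="36" srcport="57776" dstport="32600" tcpflags="SYN"
'''

# "<timestamp> <host> <process[pid]>: " prefix, then key="value" pairs.
HEADER = re.compile(r"^(\d{4}:\d{2}:\d{2}-\d{2}:\d{2}:\d{2}) (\S+) ([^:\s]+): ")
FIELD = re.compile(r'(\w+)="([^"]*)"')


def parse_line(line):
    """Return the key="value" fields of one packetfilter record (plus 'ts'), else None."""
    line = line.strip()
    m = HEADER.match(line)
    if not m:
        return None
    rec = dict(FIELD.findall(line[m.end():]))
    if rec.get("sub") != "packetfilter":
        return None
    rec["ts"] = m.group(1)
    return rec


def summarize_drops(text):
    """Group dropped packets by (srcip, srcport, dstip, dstport).

    Retransmissions of one TCP SYN share that 4-tuple, so repeated log lines
    collapse into a single connection attempt with a packet count.
    """
    attempts = {}
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None or rec.get("action") != "drop":
            continue
        # Records without ports (e.g. non-TCP/UDP) get "-" instead of raising.
        key = tuple(rec.get(k, "-") for k in ("srcip", "srcport", "dstip", "dstport"))
        entry = attempts.setdefault(key, {"fwrule": rec.get("fwrule"), "initf": rec.get("initf"),
                                          "first_seen": rec["ts"], "packets": 0})
        entry["packets"] += 1
    return attempts


if __name__ == "__main__":
    for (sip, sport, dip, dport), e in summarize_drops(SAMPLE_LOG).items():
        print(f"{e['first_seen']} {sip}:{sport} -> {dip}:{dport} "
              f"in={e['initf']} fwrule={e['fwrule']} packets={e['packets']}")
```

On the thread's lines this yields two connection attempts: one SYN to port 32400 and one SYN to port 32600 logged three times, all dropped by fwrule 60001 on ppp0.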