Simple Port Forwarding -- I see a lot of these, but none like this

[fluid]

I am doing a SIMPLE port forward. I have set up all of the following:

Network Interfaces:
ETH0 - WAN
ETH1 - LAN
 
Under NETWORK -> SERVICES
Service Name: Test
Protocol: TCP/UDP
Source Port: 49150:49160
Destination Port: Any

Under FIREWALL -> PACKET FILTER -> Filtering rules from external networks to Zentyal
Decision: Accept
Source: Any
Service: Test

Under FIREWALL -> PORT FORWARDING
Interface: eth0 (WAN)
Original Destination: Zentyal
Protocol: TCP/UDP
Original Destination Port: 49150:49160
Source: Any
Destination IP: 192.168.1.5
Destination Port: Same
Replace Source Address: Unchecked

When I go to http://www.yougetsignal.com/tools/open-ports/ and test port 49150 on my WAN IP address, if fails saying that port 49150 is closed.

I have tried every combination of everything imaginable, and it just fails to work no matter what I do. I am clicking SAVE CHANGES at the top after I get everything set up. I have tried restarting affected modules after setup was complete and changes were saved.

I have seen a lot of port forwarding discussion on here, but nothing is just a plain and simple external to internal 1:1 forward like this. They always involve a VLAN, or something else to make them weird.

Why is this not working? What am I missing?

Thanks so much,

Tony Blackmon (Using Zentyal Community Edition 3.3 @ Home)

* EDIT * I have also looked at the log, and the log says that the traffic was redirected, but any port test I attempt fails from the outside.

[datas0ft]

Hi.

I'm not expert but look itself. Your portforward know which port forward, but dont know where to forward:

Under NETWORK -> SERVICES
Service Name: Test
Protocol: TCP/UDP
Source Port: 49150:49160
Destination Port: Any <-- Change this to some port and try then.

[fluid]

I had already done that. I just did it again as well to be sure, the port is still closed during testing.

So now we can modify the service listing in my first post to the following:

Name: Test
Protocol: TCP/UDP
Source Port: 49150:49160
Destination Port: 49150:49160

And yes, there is a service running listening on 49150 @ 192.168.1.5. I can see it with 'netstat -a | find "LISTENING"' and I can connect to it with Putty.

Thanks for the help! I really appreciate your time! Unfortunately it did not work. Maybe you or someone else will manage to figure it out.

[datas0ft]

But your Firewall -> Port Forwarding have same issue, I mean: Destination Port: Same <- try to change this port what you use.

EDIT: wrong guess

[robb]

You have a router in front of Zentyal? And did you forward the range of ports from the router to Zentyal?

[fluid]

Changing SAME to 49150 did not change the status of 49150.

[fluid]

There is also no other router in between Zentyal and my cable connection. ETH0 is connected directly to the cable modem. My ISP does not block any ports.

[half_life]

What entries do you have in the firewall under internal networks?  Do you have an "ANY/ANY/ANY" entry?   You mentioned that the logs tell you that the packet was forwarded.  Do you have a way to check if the packet arrived at your internal target?

[fluid]

Thank you so much half_life for bringing the obvious to light. I have used this service many times in the past and never had an issue with it. I have run another program called Port Listener that just listens, and tells you if something connects, set it to 49150, and rerun the test... it connects without issue.

Very odd with the service not working however. It never did that with pfSense before I switched to Zentyal.

I am much happier with Zentyal overall... I just wanted to figure this out because it seemed very strange.

[fluid]

I will add one to this just because it is something that happened... Today I started having issues with this machine running this service. It is Windows 8.1... so I rebooted it. After reboot, the service I was originally trying to get running is working like magic. Something is just weird... I dislike Windows anyway, I am not suprised lol