Need help configuring 3rd party VPN with port forward to work properly through Firewalla

Follow

Alvaro Gandara Astray

• March 11, 2025 16:39
• Edited

I’ve been at this on and off for a few months. This is my setup:

I have a VM inside a NAS with Ubuntu running a torrent server. In the past I’ve had PIA running via software inside the VPN. The app would give me a port forward that would change every now and then with no warning. This setup is what I’m trying to replace and improve upon

I’ve found several vpn services that offer WireGuard and openvpn server configurations and pre-selected open ports that I can easily import into Firewalla.

However, every time I’ve used these vpn services through Firewalla assigned to the VM, the port is never open as expected.

What am I doing wrong? If the original setup I have works without me having to open any more ports inside Firewalla, I don’t think it’s something I’m doing or missing. Everything should work as long as the VPN provider is handling the port forwarding process and I’m just using the same port on my end, right? Please help, this has been scratching my brain for way too long!

0

• 

  Firewalla

  • March 07, 2025 16:41

  Do you run any type of firewall on your hypervisor, or limiting who can connect to the service? if you access the "service" on your LAN, are you able to get through?

  0

  Comment actions Permalink
• 

  Alvaro Gandara Astray

  • March 10, 2025 14:37

  No additional firewall on the VM. Like I mentioned, everything works fine using the private internet access software app on Ubuntu, I just can’t replicate the same using Firewalla on another VPN that offers a pre-determined port-forwarding option

  0

  Comment actions Permalink
• 

  Firewalla Team

  • March 11, 2025 09:44

  Do you see the VM actively online on Firewalla? If your box can see it, port forwarding should work. I saw an issue often happens when the host is masking all network traffic, hiding VM from being seen by Firewalla. 

  0

  Comment actions Permalink
• 

  Alvaro Gandara Astray

  • March 11, 2025 16:39

  I can see it fine in Firewalla, when I apply a specific VPN to it it works as expected. I check through the browser on any whatsmyip and it all matched the assigned VPN.

  The problem is just the port forwarding behavior, it doesn't work as it should be. Any idea what could it be or how to test it further?

  0

  Comment actions Permalink
• 

  Firewalla

  • March 11, 2025 21:25

  How are you assigning MAC on the virtual machine? is it per guest? or all sharing?

  0

  Comment actions Permalink
• 

  Alvaro Gandara Astray

  • March 11, 2025 21:32

  It's a virtual switch on the VM, it matches the MAC Firewalla sees for the VM

   

  0

  Comment actions Permalink
• 

  Firewalla

  • March 12, 2025 00:22

  If you go to firewalla and look at device 224.130, you will see the 52:54:00 device? If you are port forwarding from the VPN service back to your firewalla, I assume you are using this https://help.firewalla.com/hc/en-us/articles/10221985597331-Firewalla-Box-Release-1-975-App-Release-1-52#h_01GK00R9QAV15Q5JE744P389XZ

  And after forwarding, you will need to make sure your service (the server forwarding to) does not block the external connections forwarding to it. 

  0

  Comment actions Permalink
• 

  Alvaro Gandara Astray

  • March 12, 2025 15:07

  I haven't been using any port forwarding inside Firewalla. I was under the impression that once I'm using a VPN connection, it bypasses Firewalla's firewall. Also, common sense tells me that if I'm using a software VPN inside the VM with an open port and everything works, the same would apply if I'm trying to use a VPN via Firewalla without having to open additional ports... I'll give it a try and report back, at this point I'm ready to try anything to see if this can work.

  0

  Comment actions Permalink

Please sign in to leave a comment.