How to Enable bit torrent client Behind a PFsense 2 Firewall

pfSense is an awesome toy to mess around with. it comes loaded with features and best part is that its free!!!!

When I started with pfSense I had a hard time getting my torrent client to work behind it.  I googled around but unable to find a useful article so i turned to the good ol' trial and error method.  After several tries I managed to get it working.

Actually once you get a basic idea about how data is handled in pfSense, working with it becomes a very pleasant experience.

so here we go..

Things we need to know

IP of the Router

Wan IP of the PF sense box

Torrent clients Port

IP of the Computer running bit torrent client

for this scenario we are going to use these IP addresses and ports

Bit torrent Client - Utorrent

Router IP - 192.168.2.1

Wan IP - 192.168.2.254

port - 26688

IP of the Computer running bit torrent client - 192.168.1.100

First off we need to make a port forwarding in the router to the Wan interface on the Pfsense Box.

login to your router interface and create a port forwarding for the port you are going to use in utorrent for the WAN IP which is 192.168.2.254 (this can be any port but for now lets just use the same port as the BT client)

have a look in portforward.com if you need any help with this

secondly you need to create 2 Nat rules and associated Firewall rules to allow incoming and outgoing Traffic to the torrent client
you can use the Utorrent's built-in port checker to test the port


Within the PfSense WebUi go to Firewall > NAT to start creating the rules

Creating the NAT Rule to allow Incoming traffic

Interface : WAN (Interface where the traffic is Generated from)

Protocol: TCP (the protocol of the traffic to be forwarded)

Source : No change

(this allows you to match a specific original source of the traffic, and is hidden behind an Advanced button as in most cases it should be "any", allowing all Internet hosts through)

Destination : type- WAN address

(this specifies the original destination IP of the traffic, as seen before being translated, and will usually be "WAN address")

Destination port range - Other / 26688

(this specifies the original destination port of the traffic, it is the outside port or ports you wish to forward. use the port number setup in the port forwarding on the router)

Redirect target IP - 192.168.1.100

(this is the internal IP in other words the IP of the PC you are running PFsense where this traffic will be forwarded)

Redirect target port - Other / 26688

(this is the internal port where this traffic will be forwarded, and is usually the same as the external port as defined in Destination port range)

No XMLRPC Sync - No Change

NAT reflection - Leave the Default value

Filter rule association - Create a new associated filter rule

(this allows you to add an associated filter rule, which gets updated when the port forward is updated)

Click save then apply settings to reload the filters

note - PFsense will automatically create the required Firewall rule for you

Creating the NAT Rule to allow outbound traffic

Interface : LAN

(Select LAN since the outbound traffic is generated from the BT client on the PC which will come to the LAN interface)

Protocol: TCP

Source : No change

Destination : type- LAN address

Destination port range - 26688

Redirect target IP - 192.168.2.1

(use the IP of the router to forward the packets )

Redirect target port - Other / 26688

(use the port number setup in the port forwarding on the router)

No XMLRPC Sync - No Change

NAT reflection - Leave the Default value

Filter rule association - Create a new associated filter rule

(this allows you to add an associated filter rule, which gets updated when the port forward is updated)
Click save then apply settings to reload the filters

go and check in the utorrent client and test the port.