@steveits I did exactly same now question is , I don't want to send request of port 25 via WAN but it suppose to goes via DMZ (MTA) .

@viragomann Appreciate your prompt reply and thank you very much

@kracken64 Sometimes sites/routers will drop/ignore pings if they get busy. Sometimes a hop or two out will work better, sometimes worse.

Thanks so much. I assumed there'd be a switch hiding somewhere in the configurations.

Hi, @heper @Dobby_ How to set/push routes? System -> Routes? Or IPv4 Remote network(s) (configure OpenVPN Server at center 1, or client in 2 or 3?) @michmoor I can manipulate TCP/UDP ports in center 1, and center 1 has static ip. Two and three, is dinamic, and open the ports is not easy. Best regards

@viragomann I did try moving the original Proxmox rule to the top of my rule set. No difference.

@maiomaio said in site b2b blocked: https://sicomputer.com/b2b. If any doubts, use, for example : https://www.zonemaster.net/ See https://www.zonemaster.net/en/result/a5a8b50fd5447ce6 In this case: sicomputer.com is a complete mess, totally unusable.

@morgenstern said in Cannot access Netgate 6100 over the WAN IP via my usual management NAT rule: any Ah yes the source port is normally random. Easy to read over in a screenshot.

@zakharykyle I copied that off a doc page I can't find now, but now that I can log in to a router it appears they renamed it. Status/System Logs/Settings, there is a "Where to show rule descriptions" dropdown.

@johnpoz said in Isn't these two rules the same?: @furom the only way that first rule would be the same as rule below it, is if your network was say a /16, 192.168.x.x and 192.168.10.2 is on private net, and so its 192.168.1.1 Is that the case? What is the private net actual network 192.168.?.?/? Hi, Usually I keep my nets as small as possible, like /28 or /29 so, sorry, no /16 here... :)

@michmoor When i run tcpdump on my nextcloud server i see the specific traffic from the external IP i am trying to connect from.

@skiny said in How to block devices from LAN access?: why I didn't consider it at the time Don't feel bad - this same question comes up all the time.. Why is lan to lan rules not working ;) The only way pfsense can filter traffic between devices on the same network - is if you bridge, then pfsense could filter traffic between devices that are on different sides of the bridge.. But bridges should be the last possible choice almost always.. But if you were bridging with pfsense, then it would be possible to filter traffic between devices that were on side A of the bridge to side B of the bridge. But if devices were on the same side then no pfsense again would never see the traffic. The take away here is if you have devices that you want to filter from talking to other devices - put them on different networks, that get routed over pfsense. Then it is childs play to filter who can talk to who in the different networks.

@operations If the packets are forwarded pfSense shouldn't reply itself. The pass rule has to have the internal server IP as destination then.

@msadmire said in EasyRule Not Functioning: How can I get this to work from a (non-root) SSH session? Install and configure the sudo package first, then use sudo to run the command. It's not a part of the base system.

@michmoor Yeah...i can't believe i missed that, I received a new modem from my provider a month ago and changed my setup...before I simply had the old modem as my first level as defence with everything blocked. THANKS AGAIN!

@nafeasonto Status - System Logs - Firewall

@steveits It's pretty funny as I sort of know this. But feel I had to ask or double check. I've been using NAT since 23 years ago. It feels strange to actually route something. :)

@derelict I was called via Signal and had a look at the states. Your tip was good - now i see that there is a state with the IP 192.168.22.3, which is my client desktop, which has signal also running. Not sure how to investigate further, maybe someone could try to also get an incoming call on the phone app, while running an other client, which should also receive the call. Thx. [image: 1683051130873-1b5f34d1-b6f7-4c61-b0d0-8bda04123774-image.png]