Dear @johnpoz My problem is described here: Problems configuring OpenVPN on pFsense 23.01 Let's not discuss my problem any further here. I am just about to try again troubleshooting using your ideas but any further discussion about my problem, should be done there. Thanks you really very much for your ideas. I will keep you posted.

@lcbbcl Agreed, makes sense when put like that. I somehow got the idea that I could first block everything and then open this, but obviously got it wrong. Thanks for quick response!

@steveits Found that the issue was caused by Snort blocking Google IP's for various reasons. What I cannnot explain is why I needed (for an entirely unrelated reason) to re-config the snort interfaces to be able to actually see that Snort was the culprit. At least I am pretty sure its the case because since I last posted on this thread, I've had two episodes of connectivity issues and both times it was clear as day that Snort was blocking Google IP's. Unblocking them made my VPS reconnect almost instantly. For now I consider this solved!

@johnpoz Oh, yeah. !! Thanks.

@dominikhoffmann Just include your networks inside of the alias: Select IP, then there will be a Type field, select Network(s) [image: 1676999024517-66141865-2a6f-4937-9fd9-b882ae93014b-image.png]

The main problem is detecting that "specific packet". Do you mean specific payload content? If so, remember that nearly 100% of network traffic today is encrypted and only decrypted at the two endpoints of the conversation. Firewalls and intermediate devices can't see into the payload. They see only random encrypted bits.

Can you open a Redmine issue for that at https://redmine.pfsense.org/? Some of the easyrule code changed to add extra validation and that specific type comes through in a way that doesn't seem to align properly.

@viragomann OMG you just saved me so much troubleshooting time! I didn't know PostgreSQL and PG admin needed to both be installed. I only had PG Admin and thought I can just jump right into doing stuff with databases. I can finally get everything up and running. Thank you!

@jknott said in Very odd UDP 40000 request. Please help me understand: @furom Unfortunately, my crystal ball is busted again, so I can't offer much more. Bummer... But thanks much for trying. There oughta be some way of finding out device on that vlan has tried to make the connection, I'll just continue trying, there must be a way. Have a good one :)

@gwaitsi What @rcoleman-netgate already said: [image: 1676839280334-2f4cbbd6-14b0-4c97-88ea-fa0c53e1de74-image.png] [image: 1676839363530-515cd4e5-71f4-4c48-9225-3192fc4d5f56-image.png]

@viragomann that did work, anything else I can try?

No ideas?

Sorry but I am experiencing an internet outage with recovery scheduled for 02/28

Yeah, in the Dark Theme some extra "marking" is needed because of the dark background. In the default theme, disabled rules show as obviously grayed-out on the white background, but on the darker background of the Dark Theme something extra is needed. Notice the text is lighter in an attempt to show 'grayed-out", but the red bars help the lines stand out.

SUPER stupid thing to miss. I'm sorry for wasting your guys' time! It was indeed rule order bombing out the traffic. FYI I do already have dyndns setup with my domain so connectivity from external sources will be immediately functional...I still likely to keep internal traffic off the WAN interface though. Just a personal pref. Thanks all and have a great day!

Marked solved because I have deleted the override and maybe it was also for home.arpa. Thanks Jim.

@dfsense Well that is wrong solution to a self inflicted issue.. Is pfsense not the default gateway to these devices?

@johnpoz Do you think any of this has anything to do with Netflix? I have tried adding a rule allowing the Apple TV any access to anything, and it's still broken. I have T-Mobile Home Internet, and it's double-NAT as a result... If I connect directly to the wireless signal sent off that device Netflix loads. I'm wondering if because Netflix is included on my cell plan, it's somehow verifying I'm connecting through their service, and it thinks I'm on another network? Or if there is any way to test that? Still confused...

@fjmp24 must of been some other discovery protocol - there are a few of them.. avahi is just for the mdns discovery. I would guess WSD.