Firewall block rule allow
-
Hi team,
We are having a problem. We have branches that use a partner's web system via an IPsec tunnel. The branches travel to the central office and the traffic goes out through the pfSense firewall where the IPsec tunnel is closed. We see a problem with slowness within the application, and I have seen some logs like this in the firewall for rules that are released on the firewall. I saw that it may not be a problem. Does anyone have any tips? Thanks
-
@m0t0b0y1337
The shown block is an out-of-state packet. Probably you have an asymmetric routing issue. -
@viragomann Hi, I understand. I changed the firewall to conservative. How can I solve this situation, do you have any tips? Bypass on the firewall? Thank you
-
@m0t0b0y1337
You have to find out the reason for this behavior.
With the short information you've provided here, I cannot really contribute much. -
@m0t0b0y1337 said in Firewall block rule allow:
I changed the firewall to conservative
That is not what your problem is.. The problem @viragomann mentioned about out of state is that the firewall did not see the SYN of the traffic to create a state to allow return traffic.
But that is not SA (syn,ack) or just ack - that is a R (rst) which is that 10 address telling the 192 address DONE with this conversation - close it, don't want to talk to you F OFF ;)
To help you figure out what is going on would need much more detail of your traffic flow, etc.
In general this might help you..
-
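One way to triage the kind of blocked entries discussed above, as an added example that is not part of any post in this thread: it reads pfSense raw filter log lines and separates blocked bare SYNs (a rule decision) from blocked non-SYN packets such as R or A (no matching state). The sample lines and addresses are constructed, the field positions assume the raw filter log CSV layout for IPv4/TCP, and the SYN/non-SYN split is a heuristic.

```python
from collections import Counter

# Constructed sample lines (not from the thread). Field positions assume the
# pfSense raw filter log CSV layout for IPv4/TCP entries.
SAMPLE_LOG = [
    "4,,,1000000103,igb1,match,block,in,4,0x0,,63,0,0,DF,6,tcp,40,10.0.0.8,192.168.1.10,51514,443,0,R,100,,0,,",
    "4,,,1000000103,igb1,match,block,in,4,0x0,,63,0,0,DF,6,tcp,40,10.0.0.8,192.168.1.10,51514,443,0,R,101,,0,,",
    "4,,,1000000103,igb1,match,block,in,4,0x0,,63,0,0,DF,6,tcp,52,10.0.0.8,192.168.1.10,51520,443,0,A,,200,501,,",
    "4,,,1000000103,igb0,match,block,in,4,0x0,,54,0,0,DF,6,tcp,60,203.0.113.5,192.168.1.10,40000,22,0,S,300,,64240,,mss",
    "7,,,1700000001,igb1,match,pass,in,4,0x0,,63,0,0,DF,6,tcp,60,10.0.0.8,192.168.1.10,51530,443,0,S,400,,64240,,mss",
    "4,,,1000000103,igb1,match,block,in,4,0x0,,63,0,0,DF,17,udp,60,10.0.0.8,192.168.1.10,5353,53,40",
]


def parse_tcp(line):
    """Return a dict for an IPv4/TCP entry, or None for anything else."""
    f = line.strip().split(",")
    if len(f) < 24 or f[8] != "4" or f[16] != "tcp":
        return None
    return {"iface": f[4], "action": f[6], "src": f[18], "dst": f[19],
            "dport": f[21], "flags": f[23]}


def classify(flags):
    """Heuristic: a bare SYN opens a connection, so blocking it is a rule
    decision; any other flag set was blocked for lack of a state entry."""
    return "blocked-by-rule" if flags == "S" else "out-of-state"


def summarize_blocks(lines):
    """Count blocked TCP packets per (src, dst, flags, verdict)."""
    counts = Counter()
    for line in lines:
        entry = parse_tcp(line)
        if entry and entry["action"] == "block":
            key = (entry["src"], entry["dst"], entry["flags"],
                   classify(entry["flags"]))
            counts[key] += 1
    return counts


if __name__ == "__main__":
    for (src, dst, flags, verdict), n in summarize_blocks(SAMPLE_LOG).most_common():
        print(f"{n:3d}  {src} -> {dst}  flags={flags:<3} {verdict}")
```

A host pair that shows up only with out-of-state verdicts is the place to check whether both directions of the flow actually pass through the firewall.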
@johnpoz My serial traffic is like this: branches (10.0.0.08) > connected to my central office, enter a CORE (MPLS) and then firewall > pfSense (IPsec) and enter the tunnel, use a web application. Would the problem with the logs be generated by the fact that users leave the web application logged in and it keeps doing some refresh? And we only access the other side. Would pfSense need to have static routes to the branches? Thanks.