Netgate Discussion Forum

ping is working over vlan after deny rule

L2/Switching/VLANs
8 Posts 4 Posters 353 Views
  • O
    oren1031
    last edited by Mar 31, 2023, 9:23 PM

    I have 2 VLANs on the same interface.
    I have a rule denying traffic between them, and RDP isn't working..
    but ping is always working.
    I have pfSense and a TP-Link SG108E.
    I am getting the correct IP according to the VLAN, but ping is always working even when deny all..
    pc1 192.168.100.50
    pc2 192.168.200.1
    deny all from vlan100 net to vlan200 net..but ping is working...RDP not
    Why does ping keep working and not get blocked..?

    • V
      viragomann @oren1031
      last edited by Mar 31, 2023, 9:54 PM

      @oren1031
      I suspect you have an L2 leak.
      Configure your VLANs properly so that both directions have to pass pfSense.

      • O
        oren1031 @viragomann
        last edited by Mar 31, 2023, 9:57 PM

        @viragomann Thank you for the answer. By L2, do you mean at the switch level? Or configure again on pfSense?

        • V
          viragomann @oren1031
          last edited by Mar 31, 2023, 10:02 PM

          @oren1031
          Yes. Probably the failure is on the switch.
          Your issue seems to be a case of asymmetric routing.

          • O
            oren1031 @viragomann
            last edited by Mar 31, 2023, 10:03 PM

            @viragomann Thank you, I'll check the settings on the switch and update.

            • S
              SteveITS Galactic Empire @oren1031
              last edited by Apr 1, 2023, 12:04 AM

              @oren1031 if you are actively pinging and add the block, the state is still open:
              https://docs.netgate.com/pfsense/en/latest/troubleshooting/firewall.html#check-the-state-table

              Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
              When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
              Upvote 👍 helpful posts!

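The state-table check SteveITS describes, as an added example that is not part of the original thread: a shell filter over `pfctl -ss` output that lists the states still open between the two VLAN networks. The interface names and state lines in `sample_states` are constructed, and the dotted-prefix matching assumes /24 networks like the ones in the first post.

```shell
#!/bin/sh
# Added example (not from the thread): find firewall states that would let
# traffic keep flowing after a block rule is added.
#
# On the firewall:  pfctl -ss | states_between 192.168.100. 192.168.200. icmp
# Clear them:       pfctl -k 192.168.100.0/24 -k 192.168.200.0/24

# states_between NET_A NET_B [PROTO]
# Reads `pfctl -ss`-style lines on stdin and prints those with one endpoint
# in each network, in either direction. Networks are given as dotted
# prefixes ("192.168.100."), an assumption that only fits /24 networks.
states_between() {
    awk -v a="$1" -v b="$2" -v p="${3:-}" '
        p == "" || $2 == p {
            # Locate the direction arrow and compare the addresses beside it.
            for (i = 2; i < NF; i++) if ($i == "->" || $i == "<-") {
                l = $(i - 1); r = $(i + 1)
                if ((index(l, a) == 1 && index(r, b) == 1) ||
                    (index(l, b) == 1 && index(r, a) == 1)) print
                break
            }
        }'
}

# Constructed sample: an ICMP echo from pc1 to pc2 as seen on both VLAN
# interfaces, plus unrelated DNS and WAN states that must not match.
sample_states() {
    cat <<'EOF'
igb1.100 icmp 192.168.200.1:4321 <- 192.168.100.50:4321       0:0
igb1.200 icmp 192.168.100.50:4321 -> 192.168.200.1:4321       0:0
igb1.100 udp 192.168.100.1:53 <- 192.168.100.50:61500       SINGLE:MULTIPLE
igb0 tcp 203.0.113.7:443 <- 198.51.100.9:40000       ESTABLISHED:ESTABLISHED
EOF
}

# Number of matching states, for use in scripts or checks.
count_states() {
    states_between "$@" | wc -l | tr -d ' '
}

# Demo on the constructed sample: prints the two ICMP states.
sample_states | states_between 192.168.100. 192.168.200. icmp
```

If the ping keeps succeeding while this prints nothing for the live state table, the packets are not passing through pfSense, which points back to the switch VLAN configuration raised earlier in the thread.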
              • O
                oren1031 @SteveITS
                last edited by Apr 1, 2023, 6:57 AM

                @steveits reset stats doesn't help...

                • H
                  heper
                  last edited by Apr 1, 2023, 8:08 AM

                  @oren1031 might be good to show screenshots of 'everything'

                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.