Is there any way I cannot use the "Static route filtering" option in my situation?
Hi everyone,
I have an internal server with around 10-15 ports forwarded to it from a virtual WAN IP. For this server I have also set up a 1:1 NAT so it uses the same external IP the traffic is coming in on. However, I keep seeing traffic blocked by the default deny rule for outgoing traffic on ports that are being allowed and forwarded. My default outbound rule is to pass all traffic.
Looking into this issue, it seems the fix is to enable the "Static route filtering" option ("Bypass firewall rules for traffic on the same interface"). Once I do this, it seems the traffic is passed normally. This seems less secure to me. Is there something I can configure differently to avoid having to bypass the rules?
Please let me know if you need any further information. Thank you in advance.
Update, it seems it is still blocking traffic even though the "Bypass firewall rules for traffic on the same interface" is checked.
@IbanezRG770 said in Is there any way I cannot use the "Static route filtering" option in my situation?:
I keep seeing traffic block by the default deny rule with outgoing traffic on ports that are being allowed and forwarded.
Which traffic? From the server to the internet or from the internet to the server or even from / to another subnet?
Can you show the blocks, please?
@viragomann
It's outgoing from the internal server to the external client machines.
Port 8027 is forwarded from the external IP to the internal server for both UDP/TCP.
@IbanezRG770 said in Is there any way I cannot use the "Static route filtering" option in my situation?:
Port 8027 is forwarded from the external IP to the internal server for both UDP/TCP.
So these might be reply packets from the server, but they are blocked on WAN. So I'm wondering if you have a special network set up, which leads to these blocks.
@viragomann
Thanks. I only have one external WAN port and several internal networks. I have the default block rule and 2 other rules that were created by pfSense DNSRBL. All other traffic is allowed outbound. I am not sure what/why would be blocking it.