Netgate Discussion Forum

    FW blocking some connection / double bandwidth in graphs

      thelive1

      Hi All,

      First post here and new to pfSense, so apologies in advance if this isn't posted where it should be.
      I installed pfSense on a VM in our network, because we've been having bandwidth issues and I would like to monitor who is sucking up all the bandwidth.

      However, I have two issues:
      1. Bandwidth is counted double in the stats (least urgent)
      2. Some connections are blocked even though there is an allow any to any rule on both LAN and WAN

      Topology:

      Multiple sites connected through MPLS/VPN

      Site A:

      I can't put the FW between the router and the core switch for reasons, so I just created the VM with 2 NICs.

      WAN (192.168.162.53) and pointed GW to original GW .254
      LAN (192.168.162.54)
      Pointed GW for the DHCP ( running windows server ) to .54
      2 Rules: Any to Any on wan | any to any on lan

      Site B:
      My main location, original setup, no pfsense deployed (yet)
      Sadly, IP range is 192.0.0.0/24

      Symptoms:

      a)

      • RDP/PING to PC/Server with DHCP lease on site A from Site B does not work
      • RDP/PING from these devices to my PC on site B = OK
      • Devices who use original GW have no issue

      b)

      • User goes to SharePoint, the server is located on a 3rd site (172.28.2xx.xx), they get a login prompt for their AD user, which keeps looping for login
      • devices who use the original GW, have no issue

      c) not as urgent
      Double traffic on interface, both IP .53 (WAN) is shown in LAN traffic

      FW logs show a lot of this:

      and some of this

      Rules:

      and

      Disabling the FW fixes the issues, but I'd like to do some limiting etc., so this isn't really an option.

      Is my FW setup fundamentally wrong? What's up?

        thelive1

        not much feedback :/

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.