Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    HTTP traffic not blocked but no response

    Scheduled Pinned Locked Moved
    Virtualization
    1
    1
    106
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ?
      A Former User
      last edited by

      Hi all,

      I'm having an issue with application traffic via pfSense VM.

      The firewall rule allows all traffics between source and destination. From the source to destination, all traffics work e.g., ping, ssh except for HTTP.

      Ping attempt - good

      eoin@controller:~ $ ping -c 3 10.2.33.11
PING 10.2.33.11 (10.2.33.11) 56(84) bytes of data.
64 bytes from 10.2.33.11: icmp_seq=1 ttl=63 time=0.853 ms
64 bytes from 10.2.33.11: icmp_seq=2 ttl=63 time=0.397 ms
64 bytes from 10.2.33.11: icmp_seq=3 ttl=63 time=0.462 ms

--- 10.2.33.11 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2019ms
rtt min/avg/max/mdev = 0.397/0.570/0.853/0.201 ms

      SSH attempt - good

      eoin@controller:~ $ ssh eoin@10.2.33.11
eoin@10.2.33.11's password: 
Welcome to Ubuntu 16.04.7 LTS (GNU/Linux 4.4.0-210-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

 * Strictly confined Kubernetes makes edge and IoT secure. Learn how MicroK8s
   just raised the bar for easy, resilient and secure K8s cluster deployment.

   https://ubuntu.com/engage/secure-kubernetes-at-the-edge

UA Infra: Extended Security Maintenance (ESM) is not enabled.

4 updates can be applied immediately.
3 of these updates are standard security updates.
To see these additional updates run: apt list --upgradable

225 additional security updates can be applied with UA Infra: ESM
Learn more about enabling UA Infra: ESM service for Ubuntu 16.04 at
https://ubuntu.com/16-04

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.


Last login: Wed Nov 29 17:12:17 2023 from 172.20.38.12
eoin@host:~$

      cURL attempt - timed out

      eoin@controller:~ $ curl -w '%{http_code}' -H "Content-Type: application/json" http://10.2.33.11:8080/v2/system/ping
curl: (28) Failed to connect to 10.2.33.11 port 8080: Connection timed out
000eoin@controller:~ $

      pfSense shows traffic as CLOSED:SYN_SENT

      ac44353f-8baa-4472-8d39-9131337c8f74-image.png

      The network interface settings already disabled hardware checksum offload.

      1fecf6e4-15e2-403c-b2e9-c51e76fcc0bb-image.png

      Is there anything I can try to resolve this issue? Hope I can get some help.

      Eoin

      1 Reply Last reply Reply Quote 0
      • First post
        Last post