Firewall rules
-
Hi all, I need a little guidance or a point in the right direction with firewall rules.
My setup is:
pfsense (192.168.1.1)
From here I got a Ubiquiti UniFi switch (USW-Lite-8-POE) and a Ubiquiti UniFi AP
And a Proxmox server with VMs and CTs
I got 3 VLANs: Vlan30 (192.168.2.1 - 192.168.2.100), Vlan40 (10.10.5.1 - 10.10.5.100), Vlan50 (10.10.2.1 - 10.10.2.100), and my LAN (192.168.1.1 - 192.168.1.100)
The Proxmox server is on my LAN (192.168.1.5 static IP)
One CT is an Ubuntu server on Vlan30 (192.168.2.7 static IP)
For Vlan30 I got 2 firewall rules
*firewall alias (networks 10.0.0.0/8 + 172.16.0.0/12 + 192.168.0.0/16)
When I enable the rules, the Ubuntu server (Vlan30) can't ping google.com but I can ping 8.8.8.8
On the same Vlan (30) I got an Ubuntu client and it works fine with the rules enabled: I can ping google.com & 8.8.8.8
I don't get why I can ping google.com from the Ubuntu client and not the server
If I make a rule like
pass - Vlan30 - ipv4 - any - any - any - any
then the Ubuntu server can ping google.com
Can anyone please give me a hint on what I am missing or doing wrong?
Thank you a lot in advance :)
-
@John_McNoob said in Firewall rules:
When I enable the rules, the Ubuntu server (Vlan30) can't ping google.com but I can ping 8.8.8.8
On the same Vlan (30) I got an Ubuntu client and it works fine with the rules enabled: I can ping google.com & 8.8.8.8
Do both try to ping the same IP?
Possibly they resolve to different ones.
-
If I disable the rules in the firewall
Yes, they ping the same IP, or resolve to the same IP
Server ping google
Client ping google
Server IP
Client IP
With firewall rules
-
@John_McNoob said in Firewall rules:
With firewall rules
I'd expect that it at least resolves the host name, but it presumably can't.
Maybe it uses another local DNS server, which it is not permitted to access then.
Try dig to verify.
dig google.com
-
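The check suggested in the reply above, as an added example that is not part of the thread: it reads the resolvers from resolv.conf-style text and reports whether each one falls inside the firewall alias from the first post. The two sample files are constructed, and it assumes the Vlan30 rules block destinations in that alias (the rules themselves are not shown on the page).

```python
import ipaddress

# Networks in the firewall alias quoted in the first post.
ALIAS = [ipaddress.ip_network(n)
         for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample resolv.conf contents (not taken from the thread).
SERVER_RESOLV = "# static config\nnameserver 192.168.1.1\nsearch lan\n"
CLIENT_RESOLV = "nameserver 8.8.8.8\noptions edns0\n"


def nameservers(resolv_text):
    """Return the nameserver addresses listed in resolv.conf-style text."""
    found = []
    for line in resolv_text.splitlines():
        parts = line.split("#", 1)[0].split(";", 1)[0].split()
        if len(parts) >= 2 and parts[0] == "nameserver":
            try:
                # Drop an IPv6 zone suffix such as %eth0 before parsing.
                found.append(ipaddress.ip_address(parts[1].split("%", 1)[0]))
            except ValueError:
                continue  # ignore malformed entries
    return found


def classify(addr):
    """Say how a resolver address relates to the alias."""
    if addr.is_loopback:
        # e.g. the systemd-resolved stub 127.0.0.53: the real upstream is
        # listed by `resolvectl status`, so check that address instead.
        return "local-stub"
    if any(addr in net for net in ALIAS):
        # Assumption: the VLAN rules block destinations in the alias, so DNS
        # to this resolver needs its own pass rule above the block.
        return "in-alias"
    return "outside-alias"


def report(resolv_text):
    return {str(a): classify(a) for a in nameservers(resolv_text)}


if __name__ == "__main__":
    for name, text in (("server", SERVER_RESOLV), ("client", CLIENT_RESOLV)):
        print(name, report(text))
```

A host whose resolver comes back as "in-alias" can still ping 8.8.8.8 while name lookups time out, which is the symptom described in the first post.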
-
I found the issue (or I think so)
Client DNS
Server DNS
Then I have to find out why they have different DNS
Tnx so much for the help :)
-
Got it working now :)