Port forwarding stops working and needs reboot to recover
-
[edit: I'm posting this in case someone can help me fix it, obviously, but also to get your ideas on better diagnostic procedures. I have a good understanding of networking concepts but very limited FreeBSD knowledge (my good Linux background helps but is not always enough).]
So, my pfSense suddenly stopped forwarding ports. After rebooting, all was good for about an hour, and then it stopped forwarding again. The second time I tried to clear states (I had no better idea), but it didn't help, so I rebooted again, and it's been a few hours without the problem appearing. Since I haven't found the root of the issue and it happened twice in one hour, I'm worried :(
I did a tcpdump on my WAN and LAN while probing the external port with nmap and observed this situation:
                _________________
               |     pfSense     |
    INTERNET---o-WAN         LAN-o-----HOST
               |_________________|
                 ^             ^
              tcpdump       tcpdump
              --syn-->      --syn-->
                            <--syn-ack---

So SYN packets reach the host on my LAN, but the SYN-ACK packets are traced passing my LAN interface but don't reach my WAN interface.
I've been on the latest pfSense version (64-bit) for a few days. I have 3 WAN connections. It's been a few weeks with no change in my configuration except switching the default GW from WAN to OPT1.