STRANGE CASE?! SYN_SENT:CLOSED Dual-WAN/NAT
-
I have a simple Dual-WAN setup.
LAN: 192.168.0.254
WAN: 192.168.201.254 <--DMZ-- .201.1
OPT1: 192.168.202.254 <--DMZ-- .202.1
I've set up policy routing on game source/destination ports / game servers so that all game traffic will go to OPT1 while the default is WAN.
This case is strange: without initiating traffic through WAN, making connections via OPT1 wouldn't give any response.
(although I can ping certain hosts via static routes (dns))
Here's a tcpdump example:
10:26:57.644458 IP 192.168.0.104.1042 > 74.53.215.6.7456: S 3554463921:3554463921(0) win 65535 <mss 1460,nop,nop,sackOK>
10:27:00.507230 IP 192.168.0.104.1042 > 74.53.215.6.7456: S 3554463921:3554463921(0) win 65535 <mss 1460,nop,nop,sackOK>
NO RESPONSE (2 packets sent out)
State: tcp 192.168.0.102:1044 -> 192.168.202.254:1044 -> 74.53.215.6:7456 SYN_SENT:CLOSED
But after making traffic through WAN, it'll work flawlessly. Huh?!
WORKING tcpdump example:
10:30:21.740800 IP 192.168.0.104.1143 > 74.53.215.6.7456: S 3572235624:3572235624(0) win 65535 <mss 1460,nop,nop,sackOK>
10:30:22.024314 IP 74.53.215.6.7456 > 192.168.0.104.1143: S 813763978:813763978(0) ack 3572235625 win 16384 <mss 1452,nop,nop,sackOK>
10:30:22.024417 IP 192.168.0.104.1143 > 74.53.215.6.7456: . ack 1 win 65535
10:30:22.024558 IP 192.168.0.104.1143 > 74.53.215.6.7456: P 1:6(5) ack 1 win 65535
State: tcp 192.168.0.102:1075 -> 192.168.202.254:1075 -> 74.53.215.6:7456 TIME_WAIT:TIME_WAIT
---- What am I doing wrong? Why is it so weird? I even tried deleting all the states related to those hosts involved.. the case is still the same. I'm totally lost.
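A small parser, added here as an example and not taken from the thread, that reads tcpdump summary lines like the ones in this post and reports which flows sent SYNs but never saw a SYN-ACK (the SYN_SENT:CLOSED symptom). The two sample captures are constructed from the output above.

```python
import re

# tcpdump TCP summary format as it appears in the captures above:
# "<time> IP <src>.<sport> > <dst>.<dport>: <flags> <rest>"
LINE_RE = re.compile(
    r"^(?P<ts>\d\d:\d\d:\d\d\.\d+) IP "
    r"(?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\d+) > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\d+): (?P<flags>[SFPR.]+) (?P<rest>.*)$"
)

# Constructed sample input, modelled on the failing and working captures in the post.
FAILING_CAPTURE = [
    "10:26:57.644458 IP 192.168.0.104.1042 > 74.53.215.6.7456: S 3554463921:3554463921(0) win 65535 <mss 1460,nop,nop,sackOK>",
    "10:27:00.507230 IP 192.168.0.104.1042 > 74.53.215.6.7456: S 3554463921:3554463921(0) win 65535 <mss 1460,nop,nop,sackOK>",
]
WORKING_CAPTURE = [
    "10:30:21.740800 IP 192.168.0.104.1143 > 74.53.215.6.7456: S 3572235624:3572235624(0) win 65535 <mss 1460,nop,nop,sackOK>",
    "10:30:22.024314 IP 74.53.215.6.7456 > 192.168.0.104.1143: S 813763978:813763978(0) ack 3572235625 win 16384 <mss 1452,nop,nop,sackOK>",
    "10:30:22.024417 IP 192.168.0.104.1143 > 74.53.215.6.7456: . ack 1 win 65535",
    "10:30:22.024558 IP 192.168.0.104.1143 > 74.53.215.6.7456: P 1:6(5) ack 1 win 65535",
]

def summarize_flows(lines):
    """Map (client, server) -> {"syns": n, "answered": bool}.

    A SYN without 'ack' opens or retries a flow; a SYN carrying 'ack' in the
    reverse direction (the SYN-ACK) marks that flow answered. Lines that do not
    match the summary format are skipped.
    """
    flows = {}
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        src, dst = f"{m['src']}:{m['sport']}", f"{m['dst']}:{m['dport']}"
        is_syn = "S" in m["flags"]
        has_ack = re.search(r"\back\b", m["rest"]) is not None  # word boundary: ignores "sackOK"
        if is_syn and not has_ack:
            flows.setdefault((src, dst), {"syns": 0, "answered": False})["syns"] += 1
        elif is_syn and (dst, src) in flows:
            flows[(dst, src)]["answered"] = True
    return flows

def unanswered_flows(lines):
    """Flows that sent one or more SYNs and never received a SYN-ACK."""
    return sorted(k for k, v in summarize_flows(lines).items() if not v["answered"])

if __name__ == "__main__":
    for capture in (FAILING_CAPTURE, WORKING_CAPTURE):
        print(unanswered_flows(capture))
```

Run it against `tcpdump -n -i <OPT1 nic>` output captured on each WAN in turn: a flow that appears unanswered on OPT1 but answered on WAN points at routing or NAT on the OPT1 path rather than at the remote host.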
-
what pfsense version?
what interface are you capturing on?
-
Latest snapshot.
I used tcpdump -n …..
But it'll also appear in tcpdump -n -i OPT1nic.... I just didn't use -i cuz I wanted to see the actual source IP.
-
Please make a screenshot of the firewall rules and any related nat rules.