Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Static route on PFSense causes some traffic to hang.

    Scheduled Pinned Locked Moved
    Routing and Multi WAN
    2
    3
    2.8k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      vonskippy
      last edited by

      Sorry for the long winded description…

      Static route on PFSense causes some traffic to hang.

      **DSL w/Static /29 (for vpn, vnc, smtp-server, http-server)
      |
      (public ip)
      Gnatbox –----- dmz 192.168.3.x-- email server -- web server
      192.168.1.1
      |
      |
      LAN (192.168.1.x  gw=192.168.1.2)
      |
      |
      192.168.1.2
      PFSense
      (public ip)
      |
      Cable w/Dynamic via DHCP (for general browsing, downloads, etc.)
      *has several static routes that direct
      email/intranet web/vpn/scp traffic to use 192.168.1.1

      Worked with PFSense v0.8x.xx (plus a few patches) but not with v1.0-RC1

      All worked great for several months.  Then lightening struck - fried cable modem, dsl modem, external nic in dsl firewall, external nic in cable firewall, both phones, both cable tv boxes, etc. (ouch!).

      Rebuilt all (using current release for PFSense rebuild), seems to work, then noticed that I can not do a successful transfer via scp, nor could I forward email that had inline graphics, nor could I send emails with attachments.  All would lockup/crash/etc.  Trace Route to email server shows the correct traffic flow (workstation - pfsense - gnatbox - email server), so the static route is working correctly for some traffic.  But send a email with an attachment and it dies before it completely gets transfered to the email server (connection closed - times out).

      I thought it was the DSL firewall or email server since all that traffic goes thru the DSL setup.  After testing piece by piece, I found that if I set my desktop gateway directly to the DSL box, everything works - it's only when it heads to the normal gateway (the PFSense cable box) and gets redirected via the static route (i.e. 222.111.121.131 (a clients vpn box) 192.168.1.1 - use dsl for client A vpn) that it hangs/drops.

      Since it used to work (with older versions of PFSense), I probably overlooked a new setting or feature in the newer version.

      Any ideas? (and thanks for the help).

      1 Reply Last reply Reply Quote 0
      • V
        vonskippy
        last edited by

        Updated PFSense to RC2 - still have the same problem.

        I can fix the problem by moving the Static Routes on PFSense to each workstation, but that's a pretty klunky long term solution.  There must be something I have setup wrong on the PFSense box that is causing this.

        1 Reply Last reply Reply Quote 0
        • H
          hoba
          last edited by

          Try at system>advanced to set the "static routes filtering" option.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post