After instal only icmp works fine

rafalle · Oct 7, 2008, 10:15 AM

hi,
i have fresh and simple install of 1.2-RELEASE.

from LAN: only ICMP work fine. Other traffic (tcp) from LAN go to internet, come back to pfsense (WAN interface) and stops here.
I check keep state / no state options in firewall rules but with no results.

What i miss? i sure there is some "magic-checkbox" :)
thanks for any suggestions

config below:
WAN: dhcp from isp
additional virtual ip for nat ( as proxy arp)
Nat outbond - have manual rule , WAN 192.168.0.1/24 * * * VIRTUAL_IP * NO
Firewall pass all traffic on LAN

GruensFroeschli · Oct 7, 2008, 10:17 AM

Did your ISP assign you a static IP?
What do you need the VIP for?

rafalle · Oct 7, 2008, 10:54 AM

dhcp from isp works fine i get: ip,mask,gw,dns. no conflits with my others public fw.

i need other public ip for LAN-NAT. I try to build new firewall on pfsense (lan+nat, dmz+ binat ) and i stops here …

ping www.php.net from lan hosts works fine.
telnet www.php.net 80 -> resolve addresses , but packet from www.php.net stops on pfsense-WAN-interface

GruensFroeschli · Oct 7, 2008, 11:08 AM

As you desribe it it should "just work".

You could try to change the VIP from PARP to CARP (even if you dont use the CARP-functionality) and see if it helps.

rafalle · Oct 7, 2008, 11:46 AM

i cant just switch arp->carp on vips becouse of webconfigurator rules.

anyway. i disable vip and set nat from Lan-> WAN.
after that all traffic from Lan-hosts stops, only resolving address work correctly :(

what a f. maybe i missunderdstood some check-boxes in menu