Strange Disconnects.
-
Hi All,
Thank you very much for the great product. I have two pfSense 1.2.3 running in HP DL-320 G5, both servers were installed last month.
Those firewalls are connecting two private LANs via Ethernet leased line using an IPsec tunnel.
All was working perfectly after the install. I was able to transfer large amounts of data across that setup. We didn't use it for the last few weeks, but now when I'm copying from one side to the other via smb or scp the connection breaks after 30 to 120 seconds. Also ssh and rdp are freezing after 30 to 120 seconds.
For example, if I copy two files from different machines they will not lose the connection together.
Until now I discovered the following. It is not related to IPsec or MTU.
Server located at site A ip 192.168.10.20 firewall LAN IP 192.168.10.1
Server located at site B ip 192.168.20.20 firewall LAN IP 192.168.20.1
While I'm copying from 192.168.10.20 to 192.168.20.20
I'm sniffing at two places, 192.168.20.20 and pfSense 192.168.20.1.
At the server 192.168.20.20 it gets dup acks and then a timeout when the problem starts after ~60 sec.
At the pfSense 192.168.20.1 I can see that 192.168.10.20 sends the data but the receiving side (192.168.20.20) is not replying.
BUT on the server itself 192.168.20.20 I can see the packets sent back to the 192.168.10.10.
So I'm losing packets between the server and the pfSense.
But the connection to the local pfSense is never dropped while I'm running tcpdump on the pfSense.
Also the test servers are copying great to all other locations that are not behind those firewalls.
Maybe someone has an idea?
My next steps are as follows.
1. Connect a bridge before the pfSense and compare tcpdump with the firewall.
2. Replacing the HP servers or NICs.
Many Thanks..
-
Can we see sniffing results please?
Are you sure there is no other device with 192.168.20.1?
Run on the server
```
arp -an | grep 192.168.20.1
```
when copying is running well and the same command right after the problem occurs. If the server is MS Win then I am afraid you'll have to search through the whole output of
```
arp -a
```
-
Thank You,
I will provide the result and the tcpdump output on Sunday,
Many Thanks
David,
-
I found it!
I configured it a few weeks ago and it worked perfectly. This morning I remembered that the default gateway on the 192.168.20.0 net is 192.168.20.254 while the pfSense IP is 192.168.20.1. This is where I made the mistake.
When I tested the setup I had a static route facing 192.168.20.1, then I told myself I will just add a static route on the existing firewall 192.168.20.254 and it will redirect the traffic. I rebooted the server a few times and the local route was deleted. So it's very interesting why the firewall 192.168.20.254 has created the mess.
But I'm not going to investigate this. I will replace it with pfSense as well, and I hope that it will be ok.
Many Thanks
David,
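
The ARP check suggested in the second reply above (compare `arp -an | grep 192.168.20.1` while the copy works and right after it stalls), scripted as an added example that is not part of the original thread. The function names and the MAC addresses in the sample snapshots are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare the ARP entry for a gateway IP across two
# `arp -an` snapshots to spot a second device answering for the same IP.
# Live use: ok=$(arp -an) while the copy runs, stalled=$(arp -an) after it hangs.

# Print the distinct MAC addresses that arp -an output on stdin lists for IP $1.
# Matches BSD ("? (ip) at mac on em0 ...") and Linux ("? (ip) at mac [ether] on eth0").
macs_for_ip() {
    awk -v ip="($1)" '
        $2 == ip && $3 == "at" && $4 ~ /^[0-9A-Fa-f:]+$/ { print tolower($4) }
    ' | sort -u
}

# Print one verdict for IP $1 given snapshots $2 (before) and $3 (after):
#   same | changed | multiple | missing
arp_verdict() {
    before=$(printf '%s\n' "$2" | macs_for_ip "$1")
    after=$(printf '%s\n' "$3" | macs_for_ip "$1")
    if [ -z "$before" ] || [ -z "$after" ]; then
        echo missing        # no resolved entry in one of the snapshots
    elif [ "$(printf '%s\n' "$after" | grep -c .)" -gt 1 ]; then
        echo multiple       # more than one MAC listed for the IP at once
    elif [ "$before" = "$after" ]; then
        echo same
    else
        echo changed        # another device is now answering for this IP
    fi
}

# Constructed sample snapshots (MAC addresses are made up).
SAMPLE_OK='? (192.168.20.1) at 00:1b:78:aa:bb:01 on em0 [ethernet]
? (192.168.20.254) at 00:1b:78:aa:bb:fe on em0 [ethernet]'
SAMPLE_STALLED='? (192.168.20.1) at 00:0C:29:CC:DD:02 on em0 [ethernet]
? (192.168.20.254) at 00:1b:78:aa:bb:fe on em0 [ethernet]'

for ip in 192.168.20.1 192.168.20.254; do
    echo "$ip: $(arp_verdict "$ip" "$SAMPLE_OK" "$SAMPLE_STALLED")"
done
```

A `same` verdict for the pfSense address rules out a duplicate IP and points the search toward routing, which is where this thread ended up.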