Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Ip fixo Wan e Ip fixo Lan

    Scheduled Pinned Locked Moved Portuguese
    24 Posts 3 Posters 7.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • marcellocM Offline
      marcelloc
      last edited by

      Como os pacotes da rede atras do pfsense são traduzidos para o segundo firewall?

      O segundo firewall conhece esta rede atras do pfsense, sabe devolver os pacotes para ela????

      Treinamentos de Elite: http://sys-squad.com

      Help a community developer! ;D

      1 Reply Last reply Reply Quote 0
      • M Offline
        marcelo
        last edited by

        @marcelloc:

        Como os pacotes da rede atras do pfsense são traduzidos para o segundo firewall?

        O segundo firewall conhece esta rede atras do pfsense, sabe devolver os pacotes para ela????

        Sim, encaminhei pra você os logs que sairam quando tentei acessar a maquina para a página do bol.com.br.

        1 Reply Last reply Reply Quote 0
        • marcellocM Offline
          marcelloc
          last edited by

          @marcelo:

          Sim, encaminhei pra você os logs que sairam quando tentei acessar a maquina para a página do bol.com.br.

          O que tinha visto era um pftop e não o tcpdump que está lá

          a unica comunicação que não acontece naquele tcpdump é esta

          11:54:28.525956 IP elf-0005.localdomain.51937 > 10.2.2.65.5055: Flags [ S ], seq 1394016014, win 8192, options [mss 1460,nop,nop,sackOK], length 0
          11:54:28.533514 IP elf-0005.localdomain.51939 > 10.2.2.63.5053: Flags [ S ], seq 1287206207, win 8192, options [mss 1460,nop,nop,sackOK], length 0
          11:54:28.539797 IP elf-0005.localdomain.51940 > 10.2.2.61.5051: Flags [ S ], seq 1962454065, win 8192, options [mss 1460,nop,nop,sackOK], length 0
          11:54:28.540584 IP elf-0005.localdomain.51938 > 10.2.2.64.5054: Flags [ S ], seq 2762473566, win 8192, options [mss 1460,nop,nop,sackOK], length 0

          Tente monitorar em tempo real a solicitação de dns, navegação na porta 80 para o ip do site, tente identificar em que ponto a comunicação para.

          se é na lan do pfsense, na wan ou se o pacote sai da wan com um ip de origem que o segundo firewall não sabe devolver

          sugestão de comando
          tcpdump -ni interface_lan_ou_wan_do_seu_pfsense host ip_do_servidor web

          ou para monitorar uma porta específica
          tcpdump -ni interface_lan_ou_wan_do_seu_pfsense port porta a monitorar

          Treinamentos de Elite: http://sys-squad.com

          Help a community developer! ;D

          1 Reply Last reply Reply Quote 0
          • M Offline
            marcelo
            last edited by

            @marcelloc:

            Como os pacotes da rede atras do pfsense são traduzidos para o segundo firewall?

            O segundo firewall conhece esta rede atras do pfsense, sabe devolver os pacotes para ela????

            Sim, sem problemas, segue o tcpdump logo acima.

            1 Reply Last reply Reply Quote 0
            • M Offline
              marcelo
              last edited by

              @marcelloc:

              @marcelo:

              Sim, encaminhei pra você os logs que sairam quando tentei acessar a maquina para a página do bol.com.br.

              O que tinha visto era um pftop e não o tcpdump que está lá

              a unica comunicação que não acontece naquele tcpdump é esta

              11:54:28.525956 IP elf-0005.localdomain.51937 > 10.2.2.65.5055: Flags [ S ], seq 1394016014, win 8192, options [mss 1460,nop,nop,sackOK], length 0
              11:54:28.533514 IP elf-0005.localdomain.51939 > 10.2.2.63.5053: Flags [ S ], seq 1287206207, win 8192, options [mss 1460,nop,nop,sackOK], length 0
              11:54:28.539797 IP elf-0005.localdomain.51940 > 10.2.2.61.5051: Flags [ S ], seq 1962454065, win 8192, options [mss 1460,nop,nop,sackOK], length 0
              11:54:28.540584 IP elf-0005.localdomain.51938 > 10.2.2.64.5054: Flags [ S ], seq 2762473566, win 8192, options [mss 1460,nop,nop,sackOK], length 0

              Tente monitorar em tempo real a solicitação de dns, navegação na porta 80 para o ip do site, tente identificar em que ponto a comunicação para.

              se é na lan do pfsense, na wan ou se o pacote sai da wan com um ip de origem que o segundo firewall não sabe devolver

              sugestão de comando
              tcpdump -ni interface_lan_ou_wan_do_seu_pfsense host ip_do_servidor web

              ou para monitorar uma porta específica
              tcpdump -ni interface_lan_ou_wan_do_seu_pfsense port porta a monitorar

              Segue o único que consegui capturar foi o da Lan o da Wan nem aparece:

              12:58:13.159110 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 33957, win 4380, length 0
              12:58:13.165272 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 36877, win 4380, length 0
              12:58:13.166787 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 38380, win 4380, length 0
              12:58:15.172241 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [P.], ack 38380, win 4380, length 763
              12:58:15.172399 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3053, win 507, length 0
              12:58:15.322704 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3053, win 513, length 1460
              12:58:15.322742 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3053, win 513, length 1460
              12:58:15.322767 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3053, win 513, length 1460
              12:58:15.322787 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3053, win 513, length 1460
              12:58:15.322807 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3053, win 513, length 1460
              12:58:15.322830 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 3053, win 513, length 1070
              12:58:15.323495 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3053, win 513, length 1460
              12:58:15.323552 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3053, win 513, length 1460
              12:58:15.331953 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 41300, win 4380, length 0
              12:58:15.332120 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3053, win 513, length 1460
              12:58:15.332148 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 3053, win 513, length 43
              12:58:15.334740 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 44220, win 4380, length 0
              12:58:15.340753 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 46750, win 4380, length 0
              12:58:15.345012 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 49670, win 4380, length 0
              12:58:15.347078 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 51173, win 4380, length 0
              12:58:17.352806 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [P.], ack 51173, win 4380, length 763
              12:58:17.353017 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3816, win 507, length 0
              12:58:17.494279 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3816, win 513, length 1460
              12:58:17.494318 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3816, win 513, length 1460
              12:58:17.494343 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3816, win 513, length 1460
              12:58:17.494366 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3816, win 513, length 1460
              12:58:17.494387 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3816, win 513, length 1460
              12:58:17.494409 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 3816, win 513, length 1070
              12:58:17.495086 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3816, win 513, length 1460
              12:58:17.495143 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3816, win 513, length 1460
              12:58:17.495168 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3816, win 513, length 1460
              12:58:17.495187 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 3816, win 513, length 43
              12:58:17.499396 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 54093, win 4380, length 0
              12:58:17.505637 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 57013, win 4380, length 0
              12:58:17.511538 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 59543, win 4380, length 0
              12:58:17.512097 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 62463, win 4380, length 0
              12:58:17.516183 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 63966, win 4380, length 0
              12:58:19.522338 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [P.], ack 63966, win 4380, length 763
              12:58:19.522532 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 4579, win 507, length 0
              12:58:19.659552 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 4579, win 513, length 1460
              12:58:19.659597 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 4579, win 513, length 1460
              12:58:19.659623 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 4579, win 513, length 1460
              12:58:19.659644 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 4579, win 513, length 1460
              12:58:19.659665 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 4579, win 513, length 1460
              12:58:19.659687 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 4579, win 513, length 1070
              12:58:19.660252 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 4579, win 513, length 1460
              12:58:19.660286 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 4579, win 513, length 1460
              12:58:19.660310 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 4579, win 513, length 1460
              12:58:19.660329 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 4579, win 513, length 38
              12:58:19.665398 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 4579, win 513, length 5
              12:58:19.666263 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 66886, win 4380, length 0
              12:58:19.668849 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 69806, win 4380, length 0
              12:58:19.677936 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 72336, win 4380, length 0
              12:58:19.680184 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 75256, win 4380, length 0
              12:58:19.681137 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 76754, win 4380, length 0
              12:58:19.883162 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 76759, win 4378, length 0
              12:58:21.686017 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [P.], ack 76759, win 4378, length 763
              12:58:21.686212 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 5342, win 507, length 0
              12:58:21.827540 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 5342, win 513, length 1460
              12:58:21.827576 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 5342, win 513, length 1460
              12:58:21.827603 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 5342, win 513, length 1460
              12:58:21.827624 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 5342, win 513, length 1460
              12:58:21.827645 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 5342, win 513, length 1460
              12:58:21.827667 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 5342, win 513, length 1070
              12:58:21.828327 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 5342, win 513, length 1460
              12:58:21.828383 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 5342, win 513, length 1460
              12:58:21.828430 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 5342, win 513, length 1460
              12:58:21.828450 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 5342, win 513, length 43
              12:58:21.836238 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 79679, win 4380, length 0
              12:58:21.837172 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 82599, win 4380, length 0
              12:58:21.844750 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 85129, win 4380, length 0
              12:58:21.847214 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 88049, win 4380, length 0
              12:58:21.848813 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 89552, win 4380, length 0
              12:58:23.854168 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [P.], ack 89552, win 4380, length 763
              12:58:23.854345 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6105, win 507, length 0
              12:58:23.996376 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6105, win 513, length 1460
              12:58:23.996416 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6105, win 513, length 1460
              12:58:23.996446 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6105, win 513, length 1460
              12:58:23.996467 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6105, win 513, length 1460
              12:58:23.996488 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6105, win 513, length 1460
              12:58:23.996510 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 6105, win 513, length 1070
              12:58:23.997733 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6105, win 513, length 1460
              12:58:23.997816 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6105, win 513, length 1460
              12:58:23.997842 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6105, win 513, length 1460
              12:58:23.997862 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 6105, win 513, length 43
              12:58:24.001467 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 92472, win 4380, length 0
              12:58:24.007193 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 95392, win 4380, length 0
              12:58:24.010677 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 97922, win 4380, length 0
              12:58:24.016996 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 100842, win 4380, length 0
              12:58:24.018631 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 102345, win 4380, length 0
              12:58:26.024364 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [P.], ack 102345, win 4380, length 763
              12:58:26.024553 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6868, win 507, length 0
              12:58:26.161181 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6868, win 513, length 1460
              12:58:26.161218 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6868, win 513, length 1460
              12:58:26.161244 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6868, win 513, length 1460
              12:58:26.161265 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6868, win 513, length 1460
              12:58:26.161285 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6868, win 513, length 1460
              12:58:26.161307 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 6868, win 513, length 1070
              12:58:26.161895 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6868, win 513, length 1460
              12:58:26.161924 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6868, win 513, length 1460
              12:58:26.161946 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6868, win 513, length 1460
              12:58:26.161966 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 6868, win 513, length 38
              12:58:26.167130 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 6868, win 513, length 5
              12:58:26.169842 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 105265, win 4380, length 0
              12:58:26.173930 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 108185, win 4380, length 0
              12:58:26.175105 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 110715, win 4380, length 0
              12:58:26.182923 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 113635, win 4380, length 0
              12:58:26.184124 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 115133, win 4380, length 0
              12:58:26.381831 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 115138, win 4378, length 0

              1 Reply Last reply Reply Quote 0
              • marcellocM Offline
                marcelloc
                last edited by

                parece trafego da sua maquina para a interface do pfsense.

                Treinamentos de Elite: http://sys-squad.com

                Help a community developer! ;D

                1 Reply Last reply Reply Quote 0
                • M Offline
                  marcelo
                  last edited by

                  @marcelloc:

                  parece trafego da sua maquina para a interface do pfsense.

                  Certo, o que mais eu poderia fazer?

                  1 Reply Last reply Reply Quote 0
                  • marcellocM Offline
                    marcelloc
                    last edited by

                    @marcelo:

                    Certo, o que mais eu poderia fazer?

                    Conseguir identificar via tcpdump o trafego quando a maquina solicita o site externo.

                    Treinamentos de Elite: http://sys-squad.com

                    Help a community developer! ;D

                    1 Reply Last reply Reply Quote 0
                    • M Offline
                      marcelo
                      last edited by

                      @marcelloc:

                      @marcelo:

                      Certo, o que mais eu poderia fazer?

                      Conseguir identificar via tcpdump o trafego quando a maquina solicita o site externo.

                      Eu fiz isso justamente neste tcpdump. Quando digito o tcdump no pfsense, eu já faço a tentativa de acesso ao site.

                      1 Reply Last reply Reply Quote 0
                      • M Offline
                        marcelo
                        last edited by

                        Pessoal, ainda não consegui fazer rodar, queria uma dica sobre isso, como poderia fazer para rodar certo sem que o pfsense tivesse os Ips internos das minhas redes, não poderiam ser 10.2.2.xx e nem 192.168.xx.xx, o que me recomendaria adicionar na Wan e na LAN do pfsense para rodar certinho a web e as máquinas de clientes.

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.