Netgate Discussion Forum

    Static route filtering

    Firewalling
    • demian

      Hi everyone

      Here is the situation: I have a pfSense box as a perimeter firewall-router. It has just 2 interfaces: LAN and WAN. It has many static routes configured, because in my network I manage a lot of subnets, and those subnets enter pfSense through the LAN interface. So the issue is, when I want to connect via SSH from any foreign subnet to the local subnet that the LAN has configured, pfSense blocks it even if I add a rule that lets it pass. Only if I check this option in the advanced features, "Static route filtering", does pfSense let it pass.

      Is there any way that I can set this up without checking the option "Static route filtering"?

      Thanks

      • podilarius

        You might need to give a bit more detail. Examples of the 2 subnets where you have the problem and a screenshot of the rules for LAN.

        • cmb

          You can't statefully filter asymmetrically routed traffic, which is what you have. If you need to filter traffic between those networks, you have to put the router on its own interface of the firewall (as you can't control one direction of the traffic via the firewall, it goes direct from router to host).

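An added illustration of the asymmetric-routing point in the last reply, not part of the original thread: a toy stateful filter (a simplification, not pf itself) processing one SSH handshake in the two topologies discussed. The addresses, the names, the rule that only a bare SYN creates state, and the host using the firewall as its default gateway are assumptions made for the example.

```python
from dataclasses import dataclass

SYN, ACK = "S", "A"
REMOTE = "10.20.0.5"    # constructed: client in a subnet behind the internal router
HOST = "192.168.1.10"   # constructed: SSH server on the firewall's LAN subnet

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    sport: int
    dport: int
    flags: frozenset

class StatefulFilter:
    """Toy model (assumption): only a bare SYN matching a pass rule creates
    state; every other packet must match an existing state entry."""
    def __init__(self):
        self.states = set()

    def check(self, p):
        key = frozenset({(p.src, p.sport), (p.dst, p.dport)})  # both directions
        if key in self.states:
            return "pass (state match)"
        if p.flags == {SYN}:
            self.states.add(key)
            return "pass (new state)"
        return "block (no state)"

def handshake(client, server, sport=50000, dport=22):
    return [
        Packet(client, server, sport, dport, frozenset({SYN})),
        Packet(server, client, dport, sport, frozenset({SYN, ACK})),
        Packet(client, server, sport, dport, frozenset({ACK})),
    ]

def verdicts(seen_by_firewall):
    # Feed a fresh filter only the packets that actually cross the firewall.
    fw = StatefulFilter()
    return [fw.check(p) for p in handshake(REMOTE, HOST) if seen_by_firewall(p)]

def symmetric():
    # Router on its own firewall interface: both directions cross the firewall.
    return verdicts(lambda p: True)

def asymmetric():
    # Router on the LAN segment: it delivers to HOST directly, so the firewall
    # sees only HOST's replies, sent to its default gateway (assumed: pfSense).
    return verdicts(lambda p: p.src == HOST)
```

In the asymmetric case the first packet the filter sees is the SYN-ACK, which cannot create state, so a pass rule on LAN does not help.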