Netgate Discussion Forum

    Simple firewall rule (I guess)

    Firewalling
    • epema

      Hello guys!

      Here is a quick explanation of my situation:
      192.168.1.1 (LAN) = MyPfSense = (WAN) 10.1.1.2
      cisco gateway = 10.1.1.1
      server = 10.1.1.3

      From my LAN I cannot access 10.1.1.3:88, but I can access 10.1.1.3:80.

      I'm guessing if the problem is on the firewall or the Squid which is running on 8080 (not transparent).

      Some hint please :)

      • podilarius

        Port 88 is not a standard port, what do you have running on it? If you disable squid, can you access it? Have you changed the outbound NAT settings? Do you see a block in the firewall log? If you monitor tcpdump at the server, can you see the packets arriving? If you can, look at the tcpdump on the WAN interface of pfSense to see if you see the returns.

        • epema

          Thanks for the reply :)

          - I have a squid error showing up saying not permitted.
          - I don't see a block in the firewall log
          - Monitoring tcpdump I cannot see packets on external and internal interfaces
          - I haven't changed the outbound NAT settings.. should I add something?

          About disabling squid.. how can I access the internet if I disable squid?

          So… problem is Squid?

          • epema

            I added 88 in acl safeports in squid. And it worked.
            Stupid I am..

            Thanks anyways! :)

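Why port 80 went through the proxy while port 88 got Squid's "not permitted" page with nothing in the firewall log, as an added example that is not part of the thread: the script parses `acl ... port` lines and reports whether a destination port is refused by an `http_access deny !<acl>` rule. The sample config is constructed (modelled on the Safe_ports section of a stock squid.conf), the function names are hypothetical, and the ACL name is a parameter because the poster's setup calls it "safeports".

```python
import re

# Constructed sample, modelled on the Safe_ports section of a stock squid.conf.
SAMPLE_CONF = """\
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280 488 591 777
http_access deny !Safe_ports
"""


def _tokens(raw_line):
    """Split one config line into words, ignoring any trailing # comment."""
    return raw_line.split("#", 1)[0].split()


def parse_port_acls(conf):
    """Return {acl_name: [(low, high), ...]} for every 'acl <name> port ...' line."""
    acls = {}
    for raw in conf.splitlines():
        words = _tokens(raw)
        if len(words) < 4 or words[0] != "acl" or words[2] != "port":
            continue
        for token in words[3:]:
            m = re.fullmatch(r"(\d+)(?:-(\d+))?", token)
            if not m:
                continue  # not a single port or a low-high range
            low = int(m.group(1))
            high = int(m.group(2) or low)
            acls.setdefault(words[1], []).append((low, high))
    return acls


def denied_by_safe_ports(conf, port, acl_name="Safe_ports"):
    """True when 'http_access deny !<acl_name>' exists and port is outside the ACL."""
    rule = ["http_access", "deny", "!" + acl_name]
    has_rule = any(_tokens(raw) == rule for raw in conf.splitlines())
    ranges = parse_port_acls(conf).get(acl_name, [])
    return has_rule and not any(lo <= port <= hi for lo, hi in ranges)


if __name__ == "__main__":
    # The fix from the thread: add 88 to the ACL ahead of the deny rule.
    fixed = SAMPLE_CONF.replace("http_access", "acl Safe_ports port 88\nhttp_access", 1)
    for label, conf in (("before", SAMPLE_CONF), ("after", fixed)):
        for port in (80, 88, 8080):
            state = "denied" if denied_by_safe_ports(conf, port) else "allowed"
            print(f"{label}: port {port} {state}")
```

Because the refusal happens inside the proxy, the request never leaves the firewall, which matches the empty firewall log and the absence of packets in tcpdump reported above.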
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.