[Solved] Firewall rules not loaded correctly

Teddy

Hey together,
i am having a new problem with my PFSense.

I have two LAN:

• My general LAN for myself
• Guest LAN for guests

After a reboot, devices in the guest (W)LAN can obtain an IP address, but have no internet access. If i login to PFSense go to Firewall -> Rules -> Guest LAN -> i have to open the rule for allow traffic (passing by VPN) to the internet -> save -> Firewall rules are reloaded and it works immediately without changing anything.

I can reproduce this failure here always again. Make a reboot of PFSense, Guest LAN doesn't work -> just open the mentioned rule -> save it -> everything works perfectly.

Does anyone have an idea or solution?

Brgds

Gertjan

@Teddy said in Firewall rules not loaded correctly:

just open the mentioned rule -> save it -> everything works perfectly.

We didn't saw this rule ... don't know what is does, or should do.

@Teddy said in Firewall rules not loaded correctly:

(passing by VPN

When this "VPN" is removed the issue persist ?

Teddy

Hey there,
i add a screenshot of the rule, that is active.

I didn't try it yet with removing the VPN. But just the rules for the VPN is not being loaded correctly!

The first rule should just pass all traffic from the guest-wifi through the CG VPN Service. For that reason i also chose that interface as destination. In general this rule works perfectly fine, but i always have to reload it after a reboot. Otherwise no traffic possible.

protonwork23

This post is deleted!

Gertjan

@Teddy said in Firewall rules not loaded correctly:

But just the rules for the VPN is not being loaded correctly!

Any messages ? Errors ? How does "not being loaded correctly" shows up ?

Your CYBERHOSTOPT1_VPNV4 is a gaewaty, right ?

You activated Gateway Monitoring, so the gateway gets restarted, rebuild if it goes bad ?

After a reboot, can you ping out using that gateway (VPN) ?

VPN log confirms the connection is up ?

I've never used these :

maybe they are useful for you ?

Teddy

@Gertjan
Messages or errors not. I just expect, that the rules were not loaded correctly, because after loading the rules again, it worked properly, without any change in the rules.

I just activated Gateway Monitorin, that was (for which reason ever) disabled. Now it looks okay, i think. Rebooted two times and always the connection to the internet was possible. So, maybe it really was just the gateway monitoring, i'll proceed to check if the problem is solved!

Thank you at first so much for help!

Teddy

I testes the last days and after four reboots still no problems anymore.

Looks like it was for the Gateway monitoring. I don't understand the connection between the problem and the monitoring, but tha most important is, that it just works!