Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login
    Introducing Netgate Nexus: Multi-Instance Management at Your Fingertips.

    Firewall missing traffic

    Scheduled Pinned Locked Moved Firewalling
    3 Posts 2 Posters 950 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M Offline
      mislav
      last edited by

      Hi everyone.

      I've a question and I'm out of ideas and need your help!

      For start, here is the environment and the network flow:

      • traffic comes from internet to pfsense WAN interface and I've set rule there to allow all traffic to one specific host XX (and I'm logging traffic)
      • the server where traffic comes in behind NAT and this traffic goes to host XX as mentioned

      Now, the host XX have also hardware firewall and here is the problem:

      • hardware firewall detects some traffic as suspicious/intrusion prevention but this traffic I don't see on pfsense traffic - why?

      Example of this kind of traffic seen by host XX / hardware firewall:
      time: 2017/03/03 10:55:27
      src: 83.136.83.234, 443
      dst: HOST XX, 18283
      TCP scanned port list, 23110, 48846, 14554, 61720, 33472

      Sometimes traffic like that is logged in pfsense, sometimes it's not. Any ideas?

      1 Reply Last reply Reply Quote 0
      • D Offline
        doktornotor Banned
        last edited by

        @mislav:

        Now, the host XX have also hardware firewall and here is the problem:

        • hardware firewall detects some traffic as suspicious/intrusion prevention but this traffic I don't see on pfsense traffic - why?

        Ask the unknown firewall vendor. Really totally OT here.

        1 Reply Last reply Reply Quote 0
        • M Offline
          mislav
          last edited by

          So you suspect this hardware firewall could log some traffic that comes through pfsense but that traffic is not logged on pfsense, but it's there?

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2026 Rubicon Communications LLC (Netgate). All rights reserved.