FW blocking some connections / double bandwidth in graphs



  • Hi All,

    First post here and new to pfSense, so apologies in advance if this isn't posted where it should be.
    I installed pfSense on a VM in our network, because we've been having bandwidth issues and I would like to monitor who is sucking up all the bandwidth.

    However, I have two issues:
    1. Bandwidth is counted double in the stats (least urgent)
    2. Some connections are blocked even though there is an allow any-to-any rule on both LAN and WAN

    Topology:

    Multiple sites connected through MPLS/VPN

    Site A:

    I can't put the FW between the router and the core switch for reasons, so I just created the VM with 2 NICs.

    WAN (192.168.162.53) and pointed GW to original GW .254
    LAN (192.168.162.54)
    Pointed GW for the DHCP (running Windows Server) to .54
    2 rules: any to any on WAN | any to any on LAN

    Site B:
    My main location, original setup, no pfsense deployed (yet)
    Sadly, IP range is 192.0.0.0/24

    Symptoms:

    a)

    • RDP/PING to PC/Server with DHCP lease on site A from Site B does not work
    • RDP/PING from these devices to my PC on site B = OK
    • Devices that use the original GW have no issue

    b)

    • User goes to SharePoint, the server is located on a 3rd site (172.28.2xx.xx), they get a login prompt for their AD user, and it keeps looping for login
    • Devices that use the original GW have no issue

    c) Not as urgent
    Double traffic on interface, both IP .53 (WAN) is shown in LAN traffic

    FW logs show a lot of this:

    and some of this

    Rules:

    and

    Disabling the FW fixes the issues, but I'd like to do some limiting etc., so this isn't really an option.

    Is my FW setup fundamentally wrong? What's up?



  • Not much feedback :/