Odd blocked traffic on pfSense Azure appliance

  • Hello,

    We are running the Netgate pfSense Azure appliance at work (https://azuremarketplace.microsoft.com/en-us/marketplace/apps/netgate.netgate-pfsense-appliance).

    For this to work we have 2 NICs (WAN, LAN) in our Azure VM.

    Our networks are:
    LAN:, ip:, gateway: None
    WAN:, ip:, gateway: (Azure controls the gateway)

    This works well, but periodically I get firewall block entries with this info:
    @53(1000001570) block drop in log on ! hn0 inet from to any
    @58(1000002620) block drop in log on ! hn1 inet from to any

    Apr 12 08:56:38	LAN	TCP:SA
    Apr 12 08:56:38	LAN	TCP:SA
    Apr 12 08:54:07	WAN	TCP:SA
    Apr 12 08:54:07	WAN	TCP:SA

    As far as I can tell this does not affect the stability and service of the firewall.

    Does anyone know why I get these connections from the pfSense WAN <-> LAN interfaces?
    Or whether I can somehow simply not show them in my firewall log? I tried adding Easy Rules, but they are never triggered.


  • I'm seeing the same thing… did you figure anything out?

  • Netgate Administrator

    The rule it's hitting implies you have traffic coming in on the wrong interface. Like traffic from hitting the WAN, which should never happen.

    Either that traffic is routed past pfSense somehow, or maybe that subnet is in use somewhere else on the WAN side.

    However since you're seeing that on both interfaces with seemingly identical traffic I suspect something in the infrastructure. Those port numbers appear to be used by the Azure load-balancer.
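
    As an added example (not part of this thread or of pfSense), the script below applies the reasoning above to exported log records: it checks whether each packet's source address belongs to the subnet of a different interface than the one it arrived on, which is exactly what the `block drop in log on ! <if> inet from <subnet> to any` rule matches, and summarizes the TCP flags of the offenders. The interface names, subnets and log entries are constructed for the example.

```python
"""Find log entries whose source address belongs to another interface's
subnet: the condition pfSense's antispoof rule
  block drop in log on ! <if> inet from <subnet> to any
matches, so misdelivered traffic can be confirmed from exported log data."""
import ipaddress
from collections import Counter
from dataclasses import dataclass
# Constructed interface-to-subnet map (hypothetical values; take the real
# ones from the pfSense Interfaces page).
INTERFACES = {
    "hn0": ("LAN", ipaddress.ip_network("10.1.1.0/24")),
    "hn1": ("WAN", ipaddress.ip_network("10.1.0.0/24")),
}

@dataclass(frozen=True)
class LogEntry:
    iface: str      # real interface the packet arrived on (hn0, hn1)
    src: str
    proto: str
    tcp_flags: str  # pfSense notation: "SA" = SYN+ACK, "S" = SYN
# Constructed sample entries shaped like the blocked TCP:SA pairs above.
SAMPLE = [
    LogEntry("hn1", "10.1.1.5", "TCP", "SA"),  # LAN-subnet source on WAN
    LogEntry("hn0", "10.1.0.9", "TCP", "SA"),  # WAN-subnet source on LAN
    LogEntry("hn0", "10.1.1.5", "TCP", "S"),   # normal LAN egress, not flagged
]

def owning_interface(entry):
    """Interface whose subnet contains entry.src, if it differs from the
    arrival interface; None when the packet arrived where it belongs."""
    src = ipaddress.ip_address(entry.src)
    for ifname, (_, net) in INTERFACES.items():
        if src in net and ifname != entry.iface:
            return ifname
    return None

def summarize(entries):
    """Count misdelivered packets by (arrival iface, owning iface, proto:flags)."""
    counts = Counter()
    for e in entries:
        owner = owning_interface(e)
        if owner is not None:
            counts[(e.iface, owner, f"{e.proto}:{e.tcp_flags}")] += 1
    return counts

def only_syn_ack(counts):
    """True when every misdelivered TCP packet is a bare SYN-ACK, i.e. a reply
    to a handshake pfSense never saw (asymmetric path), not a new connection."""
    tcp = [k for k in counts if k[2].startswith("TCP:")]
    return bool(tcp) and all(k[2] == "TCP:SA" for k in tcp)
```

    If the summary shows nothing but SYN-ACKs between the two interfaces, the packets are replies to connections the firewall never saw initiated, which points at the surrounding routing rather than at hosts on either subnet.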


  • Hi,

    I had the same problem yesterday. It's gone now; I changed the topology a little bit.

    New topology:

    VNET: (3 subnets)
    pfsense wan interface:
    pfsense lan interface:
    pfsense default gateway (azure):
    pfsense lan gateway (azure):
    client subnet:
    pfsense static route: -->
    azure user defined routing (udr) bound to client subnet --> -->

