New install issues



  • I'm in the process of replacing my Smoothwall firewall with a pfSense firewall in my lab.

    Config is wan, lan (10.100.16.1/24), opt1/dmz (10.100.17.1/24), and openvpn for remote access.  This is a virtual environment (oVirt).

    I've duplicated my firewall rules and have run into a snag.  Traffic traversing the firewall seems to fail (except connections going out the WAN).  To make sure it was not the firewall rules causing my issues, I've put an allow-all rule on the dmz, lan and openvpn interfaces (screenshots attached; the DMZ shows allow DMZnet to any but has since been changed to any to any).  Example of what I'm observing:

    SSH connection from 10.100.16.10 to 10.100.17.14 (lan to dmz) connection times out.  Packet capture on the pfSense box on both lan and dmz shows packets in both directions.
    LDAP authentication from 10.100.17.10 to 10.100.16.14 (dmz to lan) same as above.  Packet capture attached for the two interfaces.  Captures are two separate transactions.

    Pinging in both directions works fine.

    I can also connect to the VPN, and can access the pfSense GUI at 10.100.16.1 but nothing else.  Ping works, though, to any IP on the lan and dmz.


    ![2017-05-20 (1).png](/public/imported_attachments/1/2017-05-20 (1).png)
    ![2017-05-20 (2).png](/public/imported_attachments/1/2017-05-20 (2).png)
    ![2017-05-20 (3).png](/public/imported_attachments/1/2017-05-20 (3).png)
    ldap_dmz_1.cap.pcap
    ldap_lan_1.cap.pcap