PfSense firewall unreachable and blocked
-
Dear all,
In the past 4-5 months my client's pfSense firewall froze 3-4 times in a state in which I couldn't reach it anymore via ssh or web, neither the devices from LAN were able to communicate with other devices. After an electrical restart it starts working again. The thing is that this week it froze again for 2 times during 3 days having sort of a different behavior, but after an electrical restart everything start working properly.
First, I will present the set-up:
I have two pfSense firewalls (mine and my client's - the one that freezes) and an IPsec set-up between them. My client's devices communicates with the devices from my network via IPsec.To sum-up regarding my problem, pfSense presents 2 different behaviors:
-
the first one and the more frequent one is when the firewall freeze and it cannot be reached from outside (ssh nor web) neither the devices from LAN are ablea to communicate via IPsec
-
the second and most recent one is when I cannot reach the firewall from outside (ssh nor web) but the devices from LAN are able to communicate via IPsec with some of the devices from my network
Because pfSense saves its logs on RAM, after reboot I cannot see any of the logs from before the reboot, so I don't have any information on what happens when the firewall gets into this state. I didn't set-up a log server because I am not very sure about how fast I will run out of memory.
Let me know if you need any other info. I would very much appreciate your input on this matter.
Thank you and best regards,
Alex :D
-
-
Because pfSense saves its logs on RAM, after reboot I cannot see any of the logs from before the reboot, so I don't have any information on what happens when the firewall gets into this state. I didn't set-up a log server because I am not very sure about how fast I will run out of memory.
What version are you running? full installs haven't logged to ram for some time now.
A remote syslog wouldn't run out of ram … if configged badly, it might run out of diskspace