After Update to 2.4.1 Internal Server (IP) is blocked



  • Hello,

    I have updated to 2.4.1 and I have an issue, that one internal server (Mail, Web) is being blocked.
    I changed the IP and it helped only for some time.
    I cannot ping the server from pfsense, but I can ping it from other computers.
    Also, I cannot ping pfsense from the server, but I can ping other computers.

    Any ideas, where to look at?

    Thx,
    Saveman



  • Ok,

    I first thought it had something to do with snort, so I removed the package.
    But, my problem still remained.

    By chance I realized that under "Diagnostics / Routes" a rule has automatically created:
    Destination      Gateway                Flags      Use      Mtu      Netif
    192.168.0.2      x6.xx7.xx0.129    UGHS    1184    1500      em2

    192.168.0.2 is my webserver
    em2 is the external interface
    The Gateway address is the WAN gateway (per dhcp)

    What is this route? How is it created?


  • Banned

    @saveman:

    What is this route? How is it created?

    How should we know if you don't provide any in depth details about your configuration.



  • Config:

    1 Nic for the local network (em0)
    1 Nic connected to a FritzBox in BridgeMode (em2)

    Setup reverse proxy for web-/mailserver and a synology diskstation.
    Access from external to diskstaiton works fine. Disabling the reverse proxy and adding a NAT/Port Forward to the webserver does not solve the issue.

    btw:
    If I change the IP of the webserver and change the entries on the pfsense as well, everything works fine.
    … until the above mentioned route is beeing created.


  • Banned

    Customer calls Mechanic:

    Customer: Somethin in my car doesn't work anymore.
    Mechanic: First tell me what kind of car do you have?
    Customer: It's blue, has 4 tires and a steering wheel.

    Currently you akt like the customer above. Now think hard and then provide in depth details about your pfSense configuration.



  • After Update to 2.4.1 Internal Server (IP) is blocked

    On what you were updating the pfSense firewall? (x86 32Bit hardware or software release or perhaps both?)
    From what entire version you were updating it to the version 2.4.1? From 2.2.6, or from 2.3.2 or from 2.4.0?
    What a kind of installation is it right now? USB pen drive install (NanoBSD) or a 32 Bit installation?
    Are VLANs are in usage there in front of the eMail server or the WAN port?


Log in to reply