After Update to 2.4.1 Internal Server (IP) is blocked
-
Hello,
I have updated to 2.4.1 and I have an issue, that one internal server (Mail, Web) is being blocked.
I changed the IP and it helped only for some time.
I cannot ping the server from pfsense, but I can ping it from other computers.
Also, I cannot ping pfsense from the server, but I can ping other computers.Any ideas, where to look at?
Thx,
Saveman -
Ok,
I first thought it had something to do with snort, so I removed the package.
But, my problem still remained.By chance I realized that under "Diagnostics / Routes" a rule has automatically created:
Destination Gateway Flags Use Mtu Netif
192.168.0.2 x6.xx7.xx0.129 UGHS 1184 1500 em2192.168.0.2 is my webserver
em2 is the external interface
The Gateway address is the WAN gateway (per dhcp)What is this route? How is it created?
-
What is this route? How is it created?
How should we know if you don't provide any in depth details about your configuration.
-
Config:
1 Nic for the local network (em0)
1 Nic connected to a FritzBox in BridgeMode (em2)Setup reverse proxy for web-/mailserver and a synology diskstation.
Access from external to diskstaiton works fine. Disabling the reverse proxy and adding a NAT/Port Forward to the webserver does not solve the issue.btw:
If I change the IP of the webserver and change the entries on the pfsense as well, everything works fine.
… until the above mentioned route is beeing created. -
Customer calls Mechanic:
Customer: Somethin in my car doesn't work anymore.
Mechanic: First tell me what kind of car do you have?
Customer: It's blue, has 4 tires and a steering wheel.Currently you akt like the customer above. Now think hard and then provide in depth details about your pfSense configuration.
-
After Update to 2.4.1 Internal Server (IP) is blocked
On what you were updating the pfSense firewall? (x86 32Bit hardware or software release or perhaps both?)
From what entire version you were updating it to the version 2.4.1? From 2.2.6, or from 2.3.2 or from 2.4.0?
What a kind of installation is it right now? USB pen drive install (NanoBSD) or a 32 Bit installation?
Are VLANs are in usage there in front of the eMail server or the WAN port?