HTTP traffic blocked over OpenVPN site-to-site
-
Hi Team,
I have upgraded pfSense on a site to the latest version. There is a site-to-site VPN and on the other side I have an intranet server. It used to work but after the upgrade it stopped. I am looking at the logs and this is what I can see. The port 80 traffic is being blocked.
Apr 9 22:36:19 LAN 192.168.30.101:63439 192.168.31.14:80 TCP:RA
The rule that triggered this action is:
@5(1000000103) block drop in log inet all label "Default deny rule IPv4"
I can't see why that specific traffic on port 80 is being blocked, as I can ping the server from a wks on the local LAN, but when I open a web page it just says trying to open.
Can anyone please advise.
Rajbps
-
That is out-of-state traffic. It is a RST+ACK (TCP:RA).
An actual block of traffic by a firewall rule would be a SYN (TCP:S).
https://doc.pfsense.org/index.php/Why_do_my_logs_show_%22blocked%22_for_traffic_from_a_legitimate_connection
Can't think of anything in an upgrade that would change such behavior. Generally when that happens you had something configured that shouldn't have been working in the first place and is enforced in a newer version.
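The distinction drawn in the reply above, as an added example that is not part of the original posts: a small triage script that reads blocked-log entries in the layout quoted in the thread and separates refused new connections (SYN without ACK) from out-of-state packets. The sample lines, the function names and the handling of flag strings other than S and RA are assumptions made for illustration.

```python
import re
from collections import Counter

# Constructed sample in the log layout quoted in the thread:
# timestamp, interface, source, destination, protocol[:TCP flags].
SAMPLE_LOG = """\
Apr 9 22:36:19 LAN 192.168.30.101:63439 192.168.31.14:80 TCP:RA
Apr 9 22:36:21 LAN 192.168.30.101:63440 192.168.31.14:80 TCP:S
Apr 9 22:36:25 LAN 192.168.30.101:63441 192.168.31.14:80 TCP:FA
Apr 9 22:36:30 LAN 192.168.30.101:50000 192.168.31.14:53 UDP
"""

ENTRY = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s+[\d:]+)\s+(?P<iface>\S+)\s+(?P<src>\S+)\s+"
    r"(?P<dst>\S+)\s+(?P<proto>[A-Za-z0-9]+)(?::(?P<flags>[A-Z]+))?$"
)

def classify(proto, flags):
    """Label one blocked entry by what its TCP flags say about state."""
    if proto.upper() != "TCP" or not flags:
        return "not-tcp"
    # SYN without ACK opens a connection: a rule really refused it.
    if "S" in flags and "A" not in flags:
        return "new-connection-blocked"
    # Anything else (RA, FA, A, SA, ...) arrived with no matching state.
    return "out-of-state"

def triage(log_text):
    """Return (entries, counts) for every parseable line in log_text."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue  # skip lines in a layout this sketch does not know
        verdict = classify(m["proto"], m["flags"])
        entries.append((m["src"], m["dst"], m["flags"], verdict))
    counts = Counter(v for *_, v in entries)
    return entries, counts

if __name__ == "__main__":
    entries, counts = triage(SAMPLE_LOG)
    for src, dst, flags, verdict in entries:
        print(f"{src} -> {dst} flags={flags or '-'} : {verdict}")
    print(dict(counts))
```

If every default-deny hit for a destination comes back as out-of-state and none as new-connection-blocked, the pass rules are not what is dropping the traffic.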
-
I had a similar issue when upgrading to 2.4.2. I haven't solved it…
https://forum.pfsense.org/index.php?topic=141487.msg772193