Help with Floating rules
Hi, I'm using pfSense as a firewall for our servers.
I have the WAN and the NET interfaces: WAN is the upstream with the public IP provided by the datacenter, and NET is the network with our /24 public IP addresses. Servers have the public IP configured on the eth0 interface and the pfSense IP on NET as gateway.
For some services we are using a Load Balancer (CentOS 6) with Direct Routing. Since we had some trouble with "► WAN Default deny rule IPv4", we added some rules as explained here under Manual Fix: https://docs.netgate.com/pfsense/en/latest/firewall/troubleshooting-blocked-log-entries-due-to-asymmetric-routing.html
But at first the rules under Floating were blocking all outbound traffic. After some testing and reading, I found as a possible solution to set the Floating rules as "inverted" (in terms of source/destination IP) from the WAN rules.
Now the servers work fine (we don't see any Default deny in System Logs), but I'm not sure if this setup is correct. Here are the rules:
WAN Rules:
NET Rules:
Floating Rules:
Advanced settings:
Are these settings correct?
Thanks