Netgate Discussion Forum
    pfSense as AT&T RG successful but minor issue

      callinectes

      I have successfully replaced our BGW210 RG with pfSense using the pfatt netgraph method, but I am having one issue. We have a /26 of static IPs (this is the only network set up on the LAN), behind which are some Linux machines running Asterisk. Previously I had no problem when SSHing from behind our primary pfSense router (a different router utilizing one of the static IPs). Now when I SSH to any of these machines it appears to work fine, but after about 30 seconds the connection drops and I have to restart the session. Anyone have any ideas? SSH to anything outside works fine. It appears the RG replacement router is dropping the connection, but I don't know where to start looking.

        callinectes

        FYI - around the time the connection stops responding I see things like this in the firewall logs of the RG replacement pfSense:

        Oct 28 14:59:34 LAN Default deny rule IPv4 (1000000103) X.X.X.1:36231 X.X.X.8:22 TCP:PA
        Oct 28 14:59:34 LAN Default deny rule IPv4 (1000000103) X.X.X.1:36231 X.X.X.8:22 TCP:PA
        Oct 28 14:59:33 LAN Default deny rule IPv4 (1000000103) X.X.X.1:36231 X.X.X.8:22 TCP:A
        Oct 28 14:59:33 LAN Default deny rule IPv4 (1000000103) X.X.X.1:36231 X.X.X.8:22 TCP:PA

        I have an allow all rule on this interface so this shouldn't be an issue. I am guessing this is an anomaly / artifact related to but not directly attributable to the problem.

          callinectes

          It appears this is happening with all connections, not just SSH.

            callinectes

            So it was actually an issue in the router behind the RG replacement. I have dual WAN connections set up in it and had failover rules in place for outbound traffic. I decided to create a rule for traffic to the WAN NET to use the default route instead of the failover policy route. Immediately after applying the changes, connections are being maintained and there are no more entries appearing in the RG replacement pfSense logs.

            Adding these notes in case of the 1 in a million chance someone else encounters the same issue.
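Added example, not part of the original thread: a TCP:A or TCP:PA packet hitting the default deny rule means pf has no state entry for that flow, and an allow-all rule does not help because pass rules by default create TCP state only from the initial SYN. The script below groups such hits per flow from log lines in the layout quoted above, which makes a routing or state problem easy to tell apart from a genuinely blocked new connection; the sample addresses are constructed documentation IPs.

```python
import re
from collections import Counter

# Layout of the firewall-log lines quoted in the thread:
# <Mon> <day> <time> <iface> <rule text> (<rule id>) <src>:<port> <dst>:<port> TCP:<flags>
LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s+[\d:]+)\s+(?P<iface>\S+)\s+(?P<rule>.+?)\s+\((?P<rid>\d+)\)\s+"
    r"(?P<src>\S+):(?P<sport>\d+)\s+(?P<dst>\S+):(?P<dport>\d+)\s+TCP:(?P<flags>[A-Z]+)$"
)

def out_of_state_flows(lines):
    """Count default-deny hits on TCP packets that are not an initial SYN, per flow."""
    flows = Counter()
    for line in lines:
        m = LINE.match(line.strip())
        if not m or "default deny" not in m["rule"].lower():
            continue  # unparseable line, or blocked by some other rule
        flags = m["flags"]
        # A new connection starts with SYN and no ACK; anything else is
        # mid-stream traffic that should have matched an existing state.
        initial_syn = "S" in flags and "A" not in flags
        if not initial_syn:
            key = (m["iface"], f'{m["src"]}:{m["sport"]}', f'{m["dst"]}:{m["dport"]}')
            flows[key] += 1
    return flows

# Constructed sample input (documentation addresses, not from the thread).
SAMPLE = """\
Oct 28 14:59:34 LAN Default deny rule IPv4 (1000000103) 198.51.100.1:36231 198.51.100.8:22 TCP:PA
Oct 28 14:59:34 LAN Default deny rule IPv4 (1000000103) 198.51.100.1:36231 198.51.100.8:22 TCP:PA
Oct 28 14:59:33 LAN Default deny rule IPv4 (1000000103) 198.51.100.1:36231 198.51.100.8:22 TCP:A
Oct 28 14:59:33 LAN Default deny rule IPv4 (1000000103) 198.51.100.1:36231 198.51.100.8:22 TCP:PA
Oct 28 14:58:01 WAN Default deny rule IPv4 (1000000103) 203.0.113.7:51000 198.51.100.9:23 TCP:S
""".splitlines()

if __name__ == "__main__":
    for (iface, src, dst), hits in out_of_state_flows(SAMPLE).most_common():
        print(f"{iface}: {src} -> {dst}  {hits} out-of-state packets blocked")
```

Flows reported here point at asymmetric routing or lost state rather than a missing pass rule, so the next place to look is the path the return traffic takes.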