Default rule driving me insane
-
This is a quick diagram of our setup.
- All 3 firewalls are connected to a common switch (230.0/24).
- Routing on pfsense goes like this:
192.168.210.0 -> 192.168.230.1 (smoothwall 1 nic)
192.168.220.0 -> 192.168.230.1 (smoothwall 1 nic)
192.168.150.0 -> 192.168.230.143 (smoothwall 2008 nic)-230.0/24 is the subnet where all workstations are.
-220.0/24 is a server subnet- 230.0/24 sees pfsense and vice-versa (this is the expected behavior).
Now the problem:
Even though i have set up an any/any rule for traffic on the LAN interface of pfsense i am having lots of problems with the default rule blocking a lot of things.
Couple of examples:
- Copying a file from 230.0/24 to 220.0/24 fails
- Remote desktop to 150.0/24 has constant disconnections
For those 2 examples i get a million log entries relating to the default rule blocking that traffic, even though there's a rule allowing it.
Traffic on the other 2 smoothwalls is permitted in the same way and no log is generated, so it must be pfsense.
Any ideas?
-
Case in point:
Remote Desktop Connection (Packets blocked by default rule)
May 1 01:08:33 LAN 192.168.230.141:55790 192.168.150.20:3389 TCP:A
May 1 01:08:33 LAN 192.168.230.141:55790 192.168.150.20:3389 TCP:PFile Copy
May 1 01:11:40 LAN 192.168.230.141:55870 192.168.220.3:445 TCP:R
May 1 01:11:30 LAN 192.168.230.141:55870 192.168.220.3:445 TCP:P
-
Just noticed the static route filtering option, after checking it everything started working fine.