Default rule driving me insane



  • This is a quick diagram of our setup.

    • All 3 firewalls are connected to a common switch (230.0/24).
    • Routing on pfsense goes like this:

    192.168.210.0 -> 192.168.230.1 (smoothwall 1 nic)
    192.168.220.0 -> 192.168.230.1 (smoothwall 1 nic)
    192.168.150.0 -> 192.168.230.143 (smoothwall 2008 nic)

    • 230.0/24 is the subnet where all workstations are.
    • 220.0/24 is a server subnet.

    • 230.0/24 sees pfsense and vice-versa (this is the expected behavior).

    Now the problem:

    Even though I have set up an any/any rule for traffic on the LAN interface of pfsense, I am having lots of problems with the default rule blocking a lot of things.

    Couple of examples:

    • Copying a file from 230.0/24 to 220.0/24 fails
    • Remote desktop to 150.0/24 has constant disconnections

    For those 2 examples I get a million log entries relating to the default rule blocking that traffic, even though there's a rule allowing it.

    Traffic on the other 2 smoothwalls is permitted in the same way and no log is generated, so it must be pfsense.

    Any ideas?



  • Case in point:

    Remote Desktop Connection (Packets blocked by default rule)

    May 1 01:08:33 LAN 192.168.230.141:55790 192.168.150.20:3389 TCP:A
    May 1 01:08:33 LAN 192.168.230.141:55790 192.168.150.20:3389 TCP:P

    File Copy

    May 1 01:11:40 LAN 192.168.230.141:55870 192.168.220.3:445 TCP:R
    May 1 01:11:30 LAN 192.168.230.141:55870 192.168.220.3:445 TCP:P



  • Just noticed the static route filtering option, after checking it everything started working fine.
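The log excerpts above are the classic signature of asymmetric routing through a stateful firewall: every blocked packet carries ACK, PSH or RST but never SYN, because the static-route gateways (192.168.230.1 and 192.168.230.143) sit on the LAN segment itself, so part of each conversation bypasses pfSense and the packets it does see match no state table entry and fall through to the default deny rule. The following Python script is an added example, not code from the thread or from pfSense: it parses block-log lines in the simplified layout the poster quoted (the sample lines are constructed, with one extra WAN SYN line to show a non-symptom), groups blocked LAN packets per flow, flags flows that consist only of mid-stream packets, and checks whether a static route's gateway lives inside the interface subnet, which is exactly the condition the static route filtering (same-interface bypass) option addresses.

```python
import ipaddress
import re
from collections import defaultdict
from dataclasses import dataclass

# Constructed sample shaped like the excerpt in the thread:
# "Mon D HH:MM:SS IFACE src:port dst:port PROTO:FLAGS" per blocked packet.
# The WAN line is added to show a SYN that is NOT an asymmetric-routing symptom.
SAMPLE_LOG = """\
May 1 01:08:33 LAN 192.168.230.141:55790 192.168.150.20:3389 TCP:A
May 1 01:08:33 LAN 192.168.230.141:55790 192.168.150.20:3389 TCP:P
May 1 01:11:40 LAN 192.168.230.141:55870 192.168.220.3:445 TCP:R
May 1 01:11:30 LAN 192.168.230.141:55870 192.168.220.3:445 TCP:P
May 1 01:12:01 WAN 203.0.113.7:40001 192.168.230.2:22 TCP:S
"""

LINE_RE = re.compile(
    r"^(?P<month>[A-Z][a-z]{2}) +(?P<day>\d{1,2}) +(?P<time>\d\d:\d\d:\d\d) +"
    r"(?P<iface>\S+) +(?P<src>[\d.]+):(?P<sport>\d+) +"
    r"(?P<dst>[\d.]+):(?P<dport>\d+) +(?P<proto>\w+):(?P<flags>[A-Z]*)$"
)


@dataclass(frozen=True)
class Blocked:
    iface: str
    src: str
    sport: int
    dst: str
    dport: int
    proto: str
    flags: str


def parse_log(text: str) -> list[Blocked]:
    """Parse the simplified block-log layout; lines that do not match are skipped."""
    out = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        out.append(Blocked(m["iface"], m["src"], int(m["sport"]), m["dst"],
                           int(m["dport"]), m["proto"], m["flags"]))
    return out


def is_midstream(pkt: Blocked) -> bool:
    """A TCP packet without SYN belongs to a connection that is already open.
    If the firewall holds no state for it, the default deny rule drops it."""
    return pkt.proto == "TCP" and "S" not in pkt.flags


def asymmetric_flows(pkts: list[Blocked], iface: str = "LAN") -> dict:
    """Return flows on `iface` whose blocked packets are all mid-stream,
    keyed by (src, dst, dport) with the sorted list of flag strings seen.
    A flow for which a blocked SYN was also logged is excluded: that is a
    plain rule mismatch, not a state-table miss."""
    flows = defaultdict(set)
    syn_seen = set()
    for p in pkts:
        if p.iface != iface or p.proto != "TCP":
            continue
        key = (p.src, p.dst, p.dport)
        if is_midstream(p):
            flows[key].add(p.flags)
        else:
            syn_seen.add(key)
    return {k: sorted(v) for k, v in flows.items() if k not in syn_seen}


def gateway_on_same_segment(gateway: str, iface_network: str) -> bool:
    """True when a static route's next hop lies inside the interface subnet,
    meaning hosts and that gateway can exchange packets without the firewall
    seeing both directions of the conversation."""
    return ipaddress.ip_address(gateway) in ipaddress.ip_network(iface_network)


if __name__ == "__main__":
    for flow, flags in asymmetric_flows(parse_log(SAMPLE_LOG)).items():
        print(f"{flow[0]} -> {flow[1]}:{flow[2]} blocked mid-stream only, flags {flags}")
    # Static routes from the thread, all pointing at hosts on the LAN subnet.
    for gw in ("192.168.230.1", "192.168.230.143"):
        print(gw, "on LAN segment:", gateway_on_same_segment(gw, "192.168.230.0/24"))
```

Run against a real export you would feed the rendered block log in instead of `SAMPLE_LOG`; flows reported by `asymmetric_flows` together with a `True` from `gateway_on_same_segment` for the matching static route point at the same-interface bypass option rather than at a missing pass rule.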

