Default rule driving me insane

  • This is a quick diagram of our setup.

    • All 3 firewalls are connected to a common switch (230.0/24).
    • Routing on pfsense goes like this: -> (smoothwall 1 nic) -> (smoothwall 1 nic) -> (smoothwall 2008 nic)

    • 230.0/24 is the subnet where all workstations are.
    • 220.0/24 is a server subnet

    • 230.0/24 sees pfsense and vice versa (this is the expected behavior).

    Now the problem:

    Even though I have set up an any/any rule for traffic on the LAN interface of pfsense, I am having lots of problems with the default rule blocking a lot of things.

    Couple of examples:

    • Copying a file from 230.0/24 to 220.0/24 fails
    • Remote desktop to 150.0/24 has constant disconnections

    For those 2 examples I get a million log entries relating to the default rule blocking that traffic, even though there's a rule allowing it.

    Traffic on the other 2 smoothwalls is permitted in the same way and no log is generated, so it must be pfsense.

    Any ideas?

  • Case in point:

    Remote Desktop Connection (Packets blocked by default rule)

    May 1 01:08:33  LAN  TCP:A
    May 1 01:08:33 LAN TCP:P

    File Copy

    May 1 01:11:40  LAN  TCP:R
    May 1 01:11:30 LAN TCP:P

  • Just noticed the static route filtering option, after checking it everything started working fine.
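The blocked entries quoted above (TCP:A, TCP:P, TCP:R on LAN, with no SYN) are what a stateful filter logs when it drops mid-connection packets whose handshake it never saw, which is what happens when only one direction of a flow crosses the firewall and is why the static route filtering option fixed it. The following is an added example, not code from anyone in this thread: it parses log lines in the shape quoted here (the sample lines are constructed) and reports interfaces where the default rule is mostly dropping mid-stream TCP packets rather than connection attempts.

```python
import re
from collections import Counter

# Constructed sample lines in the shape quoted in the thread (not real captures).
SAMPLE_LOG = """\
May 1 01:08:33  LAN  TCP:A
May 1 01:08:33 LAN TCP:P
May 1 01:11:40  LAN  TCP:R
May 1 01:11:30 LAN TCP:P
May 1 01:12:02 LAN TCP:S
May 1 01:12:05 WAN TCP:S
May 1 01:12:07 LAN UDP
"""

# "<Mon> <day> <hh:mm:ss> <iface> <PROTO>[:<flags>]"
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s+\d\d:\d\d:\d\d)\s+(?P<iface>\S+)\s+"
    r"(?P<proto>[A-Z]+)(?::(?P<flags>[A-Z]+))?\s*$"
)

def parse_line(line):
    """Return (iface, proto, flags) or None for lines not in the quoted shape."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return m.group("iface"), m.group("proto"), m.group("flags") or ""

def classify_blocks(log_text):
    """Per interface, count blocked TCP packets as 'syn' (new connection
    attempts) or 'mid_stream' (ACK/PSH/RST/FIN without SYN). Mid-stream drops
    mean the state table had no entry for the flow: the firewall never saw
    the handshake, the classic asymmetric-routing signature."""
    counts = {}
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None or parsed[1] != "TCP":
            continue
        iface, _, flags = parsed
        bucket = counts.setdefault(iface, Counter())
        bucket["syn" if "S" in flags else "mid_stream"] += 1
    return counts

def suspect_asymmetric(counts, min_packets=3):
    """Interfaces whose blocked TCP traffic is mostly mid-stream packets."""
    return sorted(iface for iface, c in counts.items()
                  if sum(c.values()) >= min_packets and c["mid_stream"] > c["syn"])

if __name__ == "__main__":
    counts = classify_blocks(SAMPLE_LOG)
    for iface, c in counts.items():
        print(f"{iface}: {dict(c)}")
    print("check state/route filtering on:", suspect_asymmetric(counts))
```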

