Wierd ICMP taffic from Firewall



  • Hi All,

    I have been using pfSense with OpenVPN for about 4 years now and have just noticed something strange on my current configuration.

    My firewall log is completely filled with outbound ICMP connections from my lo0 interface to my internal OpenVPN internal IP. I have never noticed this until now.

    Can someone help identify what the cause of this might be?

    May 11 14:23:56 ► lo0 let out anything IPv4 from firewall host itself (1000005813) 192.168.x.x 10.15.0.x ICMP
    May 11 14:23:56 ► lo0 let out anything IPv4 from firewall host itself (1000005813) 192.168.x.x 10.15.0.x ICMP
    May 11 14:23:56 ► lo0 let out anything IPv4 from firewall host itself (1000005813) 192.168.x.x 10.15.0.x ICMP
    May 11 14:23:56 ► lo0 let out anything IPv4 from firewall host itself (1000005813) 192.168.x.x 10.15.0.x ICMP

    Thank you for any info or thoughts!



  • @mustavas

    What device is192.168.x.x? 10.15.0.x? Also, there's no need to hide those addresses.

    BTW, there's no such thing as an ICMP connection. They're just stand alone messages.



  • @JKnott
    The 192.168.1.2 address is the Pfsense itself and the 10.15.0.11 is an internal address on a OpenVPN connection.
    The weird thing is, keep-alive is disabled on the openvpn config. I cant think of any reason why my pfsense would automatically be sending icmp messaged to that address without the keep alive setting?



  • Connection quality monitoring?



  • @Harvy66
    It does seem like it is something like that, but it is VERY constant. Im am very sure there is no configured setting for this.
    8a7c2428-579b-460b-9669-37417a69d502-image.png



  • I disabled gateway monitoring, but its still going!


Log in to reply