Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Can only see outside ip address from 1 internal subnet

    General pfSense Questions
    1
    2
    27
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      Brahma6 last edited by

      Hello

      I am having issues with my pfSense firewall.
      It has been running pretty much flawlessly for about a year.
      Sometime in the last few weeks an issue has popped up.

      Here is a general layout.

      My network is split into 3 subnets.

      We have a WAN, a main 10 LAN, and a 192 back end. *

      We can no longer reach one of our WP servers from our 10 LAN.

      I can get to it from the 192 network, but when we try and get to it from the 10 network the packets never leave the 10 networks interface on the firewall. ie no packets show up on the WAN interface.

      When pinging the WP server...

      Capture from the 10 LAN

      08:20:40.470822 IP 10.10.0.71 > 189.167.253.16: ICMP echo request, id 1, seq 7458, length 40
      08:20:45.474219 IP 10.10.0.71 > 189.167.253.16: ICMP echo request, id 1, seq 7459, length 40

      Capture from the 192 LAN

      09:07:48.608735 IP 192.168.68.71 > 189.167.253.16: ICMP echo request, id 1, seq 7972, length 40
      09:07:48.625756 IP 189.167.253.16 > 192.168.68.71: ICMP echo reply, id 1, seq 7972, length 40

      The state table from the 10 LAN after pinging the target IP from the 10 LAN
      MAIN_10 icmp 10.10.0.71:1 -> 189.167.253.16:1 0:0 4 / 0 240 B / 0 B

      I have disabled all blocking rules on the 10 network, and floating rules.

      When I disabled the BOGON block on the 10 interface, pinging 189.167.253.16 worked for about 8 packets and then stopped working again.

      Any help would be greatly appreciated.

      • none of the IP addresses are real
      1 Reply Last reply Reply Quote 0
      • B
        Brahma6 last edited by Brahma6

        I was doing some testing today and this is the output from a pfTop

        pfTop: Up Rule 1-181/181 (0), View: rules
        RULE ACTION DIR LOG Q IF PR K PKTS BYTES STATES MAX INFO
        0 Pass Any 0 0 * all
        1 Pass Any 0 0 * all
        2 Pass Any 0 0 * all
        3 Block In Log Q 25 2454 * drop inet from 169.254.0.0/16 to any
        4 Block In Log Q 27 2187 * drop inet from any to 169.254.0.0/16
        5 Block In Log 39086 6476285 * drop inet all
        6 Block Out Log 73 59514 * drop inet all

        Rule 5 increments with ping requests to the target wordpress server we are having problems getting to.

        Any idea where rule 5 is coming from?

        Thanks

        1 Reply Last reply Reply Quote 0
        • First post
          Last post