I have 2 links, but receive "Default deny rule IPv4 (1000000103)" in 1 of them for connections on ports where SSH and RDP travel.
Hi,
I would like the help of the community. I don't know much about pfSense and I only know the basics of management. The problem I am facing is the following:
Infra:
1 pfSense.
2 Fixed IP internet links configured as failover.
NO-IP dynamic DNS that alternates between one IP and another of the links.
After updating from version 2.5 to 2.5.1, all RDP access is denied (VPN and other NAT/Firewall rules continue to function normally). In the logs the following appears: “Default deny rule IPv4 (1000000103)”.
I tried the classic restart of the system via the option in the shell, through SSH access. I reset the firewall states in Diagnostics > States > Reset States. I remade the rules and changed the RDP ports in both Windows and NAT. The strangest thing I noticed is that it is only denied on one of the links; on the secondary link, which operates when the first one goes down, it works, even with identical rules applied to both.
Another thing I must say is that after the problem I noticed from the antivirus that the machines were suffering brute-force attack attempts, which stopped for now after the change of ports. If you have any recommendations to increase RDP security, I would also be grateful.
If you need any more information, please let me know and I'll add it here.
Thank you in advance.