• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Firewall rules stopped syncing after NAT change

Scheduled Pinned Locked Moved HA/CARP/VIPs
1 Posts 1 Posters 746 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • T
    tricon
    last edited by Oct 20, 2021, 1:47 PM

    Hi,

    I had two newly installed 2.5.2-RELEASE nodes happily working together. I decided to switch to manual NAT mode so I could set manual rules.

    Unfortunately after I changed to manual NAT mode, I started seeing errors from the GUI when trying to SYNC firewall rules:

    A communications error occurred while attempting to call XMLRPC method host_firmware_version: @ 2021-10-20 13:00:52
A communications error occurred while attempting to call XMLRPC method host_firmware_version: @ 2021-10-20 13:00:53

    I tried switching back to automatic NAT mode, but the errors still appeared whenever I tried to modify a firewall rule.

    I looked in the primary node system log, it showed:

    Oct 20 13:00:51	check_reload_status	373	Syncing firewall
Oct 20 13:00:52	php-fpm	84966	/rc.filter_synchronize: Beginning XMLRPC sync data to https://10.12.0.42:443/xmlrpc.php.
Oct 20 13:00:52	php-fpm	84966	/rc.filter_synchronize: A communications error occurred while attempting to call XMLRPC method host_firmware_version:
Oct 20 13:00:52	php-fpm	84966	/rc.filter_synchronize: New alert found: A communications error occurred while attempting to call XMLRPC method host_firmware_version:
Oct 20 13:00:52	php-fpm	84966	/rc.filter_synchronize: Beginning XMLRPC sync data to https://10.12.0.42:443/xmlrpc.php.
Oct 20 13:00:52	php-fpm	84966	/rc.filter_synchronize: A communications error occurred while attempting to call XMLRPC method host_firmware_version:
Oct 20 13:00:52	php-fpm	84966	/rc.filter_synchronize: New alert found: A communications error occurred while attempting to call XMLRPC method host_firmware_version:
Oct 20 13:00:52	php-fpm	84966	/rc.filter_synchronize: XMLRPC versioncheck: -- 21.7
Oct 20 13:00:52	php-fpm	84966	/rc.filter_synchronize: The pfSense software configuration version of the other member could not be determined. Skipping synchronization to avoid causing a problem!
Oct 20 13:00:53	check_reload_status	373	Reloading filter

    The SYNC interface has the same rules on both sides:

    Screenshot from 2021-10-20 14-40-20.png

    Could the NAT mode change somehow cause mismatch between the physical rules and what appears in the GUI?

    If anyone has any clues what caused this or how to fix it please, it would be very much appreciated. Thanks!

    1 Reply Last reply Reply Quote 0
    1 out of 1
    • First post
      1/1
      Last post
    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
      This community forum collects and processes your personal information.
      consent.not_received