Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PfSense block IP, Default deny rule IPv4

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 3 Posters 630 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      charneval
      last edited by

      Hi

      by few days we have a problem with our installation.

      Pfsense started blocking an IP which is our and is utilized for VPN connections

      This IP can only connect with a dedicated Pass rule

      pfsense.jpg

      Do you have any idea how this happens?

      Thanks

      GertjanG 1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan @charneval
        last edited by

        @charneval said in PfSense block IP, Default deny rule IPv4:

        Do you have any idea how this happens?

        No. And we can't know, just presume several scenarios. And many are just imaginable / make no sense.

        So, tell us more about your setup.
        A VPN client on your side - connecting to where / what OpenVPN server ?
        Or are 'you' (the firewall image above) the OpenVPN server, and a client is connecting ?

        Your pfSense is connected to what - an ISP upstream ISP router ?
        Are there more devices connected on that 'ISP' device ?
        The firewall log can be explained if a device connected to an upstream ISP router connects to the pfSense WAN, to access it's LAN interface. If there is no firewall pass rule for this, you will hit the wall == rule number 10000000103 or the general block all rule.

        If the image shown is your WAN interface, then the RFC1918 destination IPs (192.168.0.1) is a strange thing, as these can't come from the outside, also known as the Internet, as these are not rout-able over Internet.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 0
        • stephenw10S
          stephenw10 Netgate Administrator
          last edited by

          Yup, what is 192.168.0.1?

          What and where is the IP address you have redacted?

          What are those connections if they're supposed to be passed?

          Steve

          1 Reply Last reply Reply Quote 0
          • C
            charneval
            last edited by

            Hi,

            the problem was our fault, nothing wrong with PfSense.

            The OpenVPN client stop working with 2.6.2 udpate. It starts working again with the one that PfSense have in bundle with the config.

            1 Reply Last reply Reply Quote 1
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.