Default LAN Rule



  • Hi,

    With two VPN site-to-site connections running on Pfsense embedded 1.2, traffic from the remote site (dst port 80) to our mail server in the LAN of the main site is blocked by the firewall LAN interface on its way back to the remote site.

    System log gives.
    @91 block drop in log quick all label "Default deny rule

    It looks like this topic has been reported several times without any clear response.

    Any suggestion on what is going on ?

    Thanks in advance,
    Bastien



  • Are you sure that the trafic is actually blocked? It could be just this what you're seeing:

    http://doc.pfsense.org/index.php/Logs_show_"blocked"_for_traffic_from_a_legitimate_connection%2C_why%3F



  • kpa,

    thanks for your reply.

    Yes, the traffic is actually blocked by the pfsense router: i've tracked the packets using tcpdump, from the client to the pfsense to the web server (Zimbra mailserver) and back to the client through the pfsense router. This is were the packets are stopped.

    I have several applications (database and a Freecom file server) accessed by remote clients  and the connection to the Zimbra mailserver is the only one blocked on its way back.

    Thanks for your help.


Log in to reply