    Default Firewall Rule Blocking ntopng

      pokrifchakd

      I'm having problems accessing ntopng on a newly installed pfSense+ 23.05.1 VM. Looking at the firewall logs, it appears that one of the default antispoof rules (1000003570) is blocking the connection attempt. I've got another Netgate 7100 with a similar configuration, but had no issues getting access to ntopng.

      I've got 1x WAN (vmx0) and 2x LAN (vmx1, vmx2) interfaces, and I'm attempting to connect to the static IP assigned to the default LAN port (vmx1) from a workstation on the other LAN subnet (vmx2).

      I've attached the rules.debug file for review. Can anyone help in figuring out why this rule would be blocking access?

      Thanks!

      rules.debug.txt

        johnpoz LAYER 8 Global Moderator @pokrifchakd

        @pokrifchakd

        https://docs.netgate.com/pfsense/en/latest/firewall/rule-methodology.html#anti-spoofing-rules

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

          pokrifchakd @johnpoz

          @johnpoz So in this case, my primary workstation is on 192.168.7.11 and the pfSense has interfaces on both 192.168.0.x and 192.168.7.x. The default route goes through another firewall/router and it may be that traffic is going via 192.168.0.x instead of directly from my workstation interface to the 192.168.7.11 interface on pfSense? It's strange, because I've been administering the pfSense via the web interface by using its 192.168.0.x address, and haven't had any problems. It wasn't until I tried adding :3000 to connect to ntopng that I got the firewall rule firing.

          This illustrates some of my current setup.
          Dual WAN Issue-Antifspoof.drawio.png

          So, any recommendations on what would fix this?

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.