New Vlan and Default deny rule IPv4
-
@michmoor Hi, No I cannot ping from the client to the gateway(pfsense) but from the pfsense I can ping the clients.
I agree, something is most likely misconfigured. But I haven't been able to find where.
Looking at the arp cache, the client finds the pfsense and the firewall log say Deny:
Client ipconfig
-
@ricbjo Do you have floating rules? This seems like a floating rule being hit which would make sense as thats first and then interface rules.
-
-
@michmoor Only the pfBlock and it doesn't seem to have any traffic logged on them. I haven't really started using it.
I'm planning on doing a restart.
-
@SteveITS Did a reload, no errors and no difference. And one of my issues is that incoming ISAKMP and that was one of the earlier things I set up.
-
@SteveITS Sorry, there was an error:
-There were error(s) loading the rules: /tmp/rules.debug:35: cannot define table bogonsv6: Cannot allocate memory - The line in question reads [35]: table <bogonsv6> persist file "/etc/bogonsv6"Sincde I don't use IPv6 (wich I think this relates to) I ignored it.
-
@ricbjo
Very strange. Can we try a system reload ? -
@ricbjo In the pfSense system options on the firewall page ensure your max table size is at least 2 million and raise as necessary.
-
Thanks so much!!
I updated to the 2.7.1 version with reboot and now it seem to be working. :-) -
@SteveITS For future reference... I also had to raise the max table size and that made the rule loading error go away. Also when adding new rules today, they were not applied until I had raised the max table size and reloaded.