    Private traffic over two firewalls not working

    • R
      redeye last edited by

      Hi,

      I've created the following setup:

      192.168.1.1 | LAN ------ Transparent FW1 ------ WAN | ----- L2 vlan ---- | WAN ------ Transparent FW2 ------ LAN | 192.168.1.2

      I want to be able to communicate between the two private LANs, which is not working now. When I use public IPs in the LAN segments, it works.

      I disabled Block private networks and Block bogon networks.

      When I open an HTTP session from 192.168.1.1 to 192.168.1.2 I see the request arriving on FW2 in the packet capture and I see the response back, but with a bad cksum 0! That reply does not arrive back on FW1.

      What could be the cause of the BAD CHECKSUMS (pfSense bug?) (I imported the dump into Wireshark and it was still bad.) Could this be the reason that this setup is not working?

      Last but not least, how to fix this?

      (Using 1.2.3-RELEASE built on Sun Dec 6 23:21:36 EST 2009)

      • jimp
        jimp Rebel Alliance Developer Netgate last edited by

        If the checksums are done in hardware, software tools will often think they aren't right even though they are correct, but were handled at the hardware level.

        If you suspect it's the hardware checksums, there is a checkbox under the Advanced options to turn them off. It wasn't clear from your message if you had already tried this step.

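To check what a capture tool is reporting in a case like the one above, the IPv4 header and TCP checksums of a captured packet can be recomputed offline. This is an added example, not part of the original thread or of pfSense; the function names are hypothetical and the sample packet is constructed from the addresses in the question.

```python
import socket
import struct

def inet_checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum: one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def classify(stored: int, expected: int) -> str:
    if stored == expected:
        return "ok"
    # A zero field in a capture taken on the sending host can mean the
    # checksum was left for the NIC to fill in (offload), not corruption.
    return "zero" if stored == 0 else "mismatch"

def triage_ipv4_tcp(pkt: bytes) -> dict:
    """Recompute the IPv4 header and TCP checksums of a raw IPv4 packet."""
    ihl = (pkt[0] & 0x0F) * 4
    total_len = struct.unpack("!H", pkt[2:4])[0]
    if pkt[9] != socket.IPPROTO_TCP:
        raise ValueError("not a TCP packet")
    hdr, seg = pkt[:ihl], pkt[ihl:total_len]
    ip_stored = struct.unpack("!H", hdr[10:12])[0]
    ip_expected = inet_checksum(hdr[:10] + b"\x00\x00" + hdr[12:])
    tcp_stored = struct.unpack("!H", seg[16:18])[0]
    # TCP checksum covers a pseudo-header: src, dst, zero, protocol, length
    pseudo = hdr[12:20] + struct.pack("!BBH", 0, socket.IPPROTO_TCP, len(seg))
    tcp_expected = inet_checksum(pseudo + seg[:16] + b"\x00\x00" + seg[18:])
    return {"ip": classify(ip_stored, ip_expected),
            "tcp": classify(tcp_stored, tcp_expected)}

def build_sample(fill_checksums: bool) -> bytes:
    """Constructed SYN-ACK from 192.168.1.2:80 to 192.168.1.1:40000."""
    src, dst = socket.inet_aton("192.168.1.2"), socket.inet_aton("192.168.1.1")
    tcp = struct.pack("!HHIIBBHHH", 80, 40000, 1000, 2001, 5 << 4, 0x12, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, 0, 64,
                     socket.IPPROTO_TCP, 0, src, dst)
    if fill_checksums:
        pseudo = src + dst + struct.pack("!BBH", 0, socket.IPPROTO_TCP, len(tcp))
        tcp = tcp[:16] + struct.pack("!H", inet_checksum(pseudo + tcp)) + tcp[18:]
        ip = ip[:10] + struct.pack("!H", inet_checksum(ip)) + ip[12:]
    return ip + tcp
```

A "zero" result on the sending firewall's own capture points at offload, while a "zero" or "mismatch" result on a capture taken further along the path means the packet really left with that checksum.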
        • R
          redeye last edited by

          @jimp:

          If the checksums are done in hardware, software tools will often think they aren't right even though they are correct, but were handled at the hardware level.

          If you suspect it's the hardware checksums, there is a checkbox under the Advanced options to turn them off. It wasn't clear from your message if you had already tried this step.

          Yup, that was it. Thx m8. It's now working smooth. :)
