Netgate Discussion Forum

    @85 block drop in log quick all label "Default deny rule"

      harritz3257

      Hello.

      I'm running out of ideas, and hoping someone here can help me.

      pfSense is located in 192.168.249.0/24, using 192.168.249.205 as gateway.

      192.168.249.205 is a core switch with several vlans.

      VLANS:
      192.168.240.0 / 24 (gateway 192.168.240.205 (the same switch as 192.168.249.205))
      192.168.242.0 / 24 (gateway 192.168.242.205 (the same switch as 192.168.249.205))
      192.168.244.0 / 24 (gateway 192.168.244.205 (the same switch as 192.168.249.205))

      On 192.168.249.205 is a 0.0.0.0 0.0.0.0 route to 192.168.249.64 (pfSense)

      From 192.168.249.0 / 24 I can access all pages, but from 192.168.240, 242 and 244 I CAN'T access 62.199.234.161 (www.turbestilling.dk)

      Feb 5 10:05:18 LAN 192.168.242.106:1578 62.199.234.161:443 TCP:S
      Feb 5 10:05:27 LAN 192.168.242.106 62.199.234.161 ICMP

      I've attached a lot of pictures.

      I hope someone can help me.

      Regards Michael

        harritz3257

        Attached picture of package drops.

        Unavngivet.JPG
        Unavngivet1.JPG
        lan.JPG

          harritz3257

          Network typ.

          Drawing1.jpg

            harritz3257

            WAN

            wan.JPG

              Perry

              If it's only one site I would try Disable Hardware Checksum Offloading

              /Perry
              doc.pfsense.org

                harritz3257

                @Perry:

                If it's only one site I would try Disable Hardware Checksum Offloading

                I just tried.. didn't help..

                Still get the same error in the System log under Firewall.

                Regards Michael

                  blak111

                  Your default allow rule on the LAN interface has the source set to only the LAN subnet. Change it to 192.168.128.0/17 or something that covers all of the networks that route through pfSense.

                    harritz3257

                    @blak111:

                    Your default allow rule on the LAN interface has the source set to only the LAN subnet. Change it to 192.168.128.0/17 or something that covers all of the networks that route through pfSense.

                    It worked!! You're my savior!
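
The diagnosis in blak111's answer, as an added example that is not part of the thread: it takes the blocked sources from the two log lines in the first post, checks them against the pass rule's source network, and computes the smallest single CIDR block that covers the LAN and the routed VLANs. It assumes the original pass rule source was the 192.168.249.0/24 LAN subnet; the function names are illustrative.

```python
import ipaddress
import re

# From the thread: pfSense's LAN subnet and the VLANs routed to it by the core switch.
LAN_SUBNET = ipaddress.ip_network("192.168.249.0/24")
ROUTED_VLANS = [ipaddress.ip_network(n) for n in
                ("192.168.240.0/24", "192.168.242.0/24", "192.168.244.0/24")]
# Pass rule source suggested in blak111's answer.
SUGGESTED = ipaddress.ip_network("192.168.128.0/17")

# The two blocked entries quoted in the first post.
LOG_LINES = [
    "Feb 5 10:05:18 LAN 192.168.242.106:1578 62.199.234.161:443 TCP:S",
    "Feb 5 10:05:27 LAN 192.168.242.106 62.199.234.161 ICMP",
]


def blocked_source(line):
    """Source address of a log line in the format quoted above, or None."""
    m = re.search(r"\bLAN\s+(\d{1,3}(?:\.\d{1,3}){3})", line)
    return ipaddress.ip_address(m.group(1)) if m else None


def hits_default_deny(src, pass_sources):
    """True when no pass rule source covers src, so only the default deny matches."""
    return not any(src in net for net in pass_sources)


def smallest_supernet(networks):
    """Smallest single IPv4 CIDR block that contains every given network."""
    lo = min(int(n.network_address) for n in networks)
    hi = max(int(n.broadcast_address) for n in networks)
    prefix = 32 - (lo ^ hi).bit_length()
    return ipaddress.IPv4Network((lo, prefix), strict=False)


if __name__ == "__main__":
    for line in LOG_LINES:
        src = blocked_source(line)
        print(src,
              "LAN-subnet-only rule -> default deny:", hits_default_deny(src, [LAN_SUBNET]),
              "| /17 rule -> default deny:", hits_default_deny(src, [SUGGESTED]))
    print("tightest single source:", smallest_supernet([LAN_SUBNET] + ROUTED_VLANS))
```

The /17 from the answer covers every network in the post; the tightest single block that still covers all four is 192.168.240.0/20, which keeps the pass rule closer to least privilege.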
