Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Server cannot get through OPT1 interface… firewall blocking?

    Scheduled Pinned Locked Moved Firewalling
    3 Posts 2 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      dieselfuelonly
      last edited by

      Played with this off and on and haven't been able to figure it out.  When I upgraded to the latest version of PFSense a while back, I started with a clean slate.  Was working fine before.

      Now I can't get my server, connected to the OPT1 interface directly via a crossover cable to access ANYTHING, let alone ping the OPT1 interface.

      I have a rule on the OPT1 interface's firewall that looks like:

      Proto  Source  	 Port   Destination Port   Gateway
      *  	 OPT1 net  	 *  	 ! LAN net  	 *  	 * 
      

      As far as I understand, this grants the any machines on the OPT1 subnet the ability to access anything but the LAN subnet.

      When I check the firewall logs after trying to ping the OPT1 interface (192.168.1.1) I can see that it is blocking all attempts from the server, as well as DNS requests.

      Maybe I'm overlooking something obvious here… I'd really appreciate any help.

      Thanks,

      Dennis

      1 Reply Last reply Reply Quote 0
      • D
        dieselfuelonly
        last edited by

        Anyone?  I just don't see how it would be blocking traffic when there is a rule there allowing it… and that rule looks almost exactly the same as the one on the LAN interface with the exception of not being able to access a certain subnet (in this case, the LAN subnet).

        1 Reply Last reply Reply Quote 0
        • N
          nicorellius
          last edited by

          Have you tried removing this rule and creating one that allows all traffic to see if it works?  When I struggled with pfSense firewall rules, I usually found that when I started over and made more robust rules, I could track where my problems were.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.