4. Weird PING Response

Weird PING Response

  • H

    This is what i notice at my slave pfsense

    ping 192.168.0.229

    PING 192.168.0.229 (192.168.0.229): 56 data bytes
    ping: sendto: Operation not permitted
    ping: sendto: Operation not permitted
    ping: sendto: Operation not permitted
    64 bytes from 192.168.0.229: icmp_seq=3 ttl=64 time=0.856 ms
    64 bytes from 192.168.0.229: icmp_seq=4 ttl=64 time=0.291 ms
    64 bytes from 192.168.0.229: icmp_seq=5 ttl=64 time=0.179 ms
    64 bytes from 192.168.0.229: icmp_seq=6 ttl=64 time=0.351 ms
    64 bytes from 192.168.0.229: icmp_seq=7 ttl=64 time=0.239 ms
    64 bytes from 192.168.0.229: icmp_seq=8 ttl=64 time=0.253 ms
    64 bytes from 192.168.0.229: icmp_seq=9 ttl=64 time=0.282 ms

    It shows operation not permitted and suddenly i got response from ping. At the master pfsense there is always response from ping.

    From my understanding Operation not permitted is due to firewall rules… any idea as the rules is transfered from master anyway and ICMP is permitted.

    0
  • H

    I had change all my connection to a new switch and reinstall PFsense.

    However, for the secondary pfsense, everytime after restart it working fine where able to ping continuously to other hosts.

    however when i come in the second day.. it show the ping response as "operation not permitted" again. everything will work well after reboot…

    i try to find the log what happened to the system, hardware...network device... etc... but i dun see any abnormal log in /var/log/system.log....

    1. am i refering to the correct log file?? is there other log file available??
    2. in the web gui, under log setting i only configure remote syslog server to take firewall log only.. i suppose all other logs are still in servers.

    0
  • H

    Any idea what happened??

    I am running on 2 PFsense. One as Master and the other as secondary. Recently the master server will hang and unable to route to the DMZ section. When it hang the secondary server will not kick in either.

    Wondering is it because of Ping response that cause the secondary server does not kick in.

    Question

    1. In normal condition, I should able to ping both IP address of the master and secondary server right? For my case i can't ping the secondary server unless i restart it

    2. the firewall seems not functioning, what i need to monitor in the log or the server performance???

    0
  • Y

    Try updating to the latest snapshot at http://snapshots.pfsense.com/FreeBSD6/RELENG_1/updates/

    0
  • H

    yup i just update the pfsense to latest snapshot. will monitor it. by the way.. for the secondary pfsense the state table keep increasing. isn't that all the traffic should pass throught master server rather than secondary??

    0
  • H

    If you enabled syncing it will sync states too. Otherwise all cennections would be dropped on failover and would need to be reestablished.

    0
  • H

    Oh got it. thanks.

    But i still unable to ping the secondary pfsense LAN IP address althought is the latest snapshot - 02-21-2007. will able to ping only after i reboot the secondary pfsense again

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy