Strange problem with WAN traffic

peterclark4

Yes it does. The only traffic that seems to exhibit problems is traffic that exits the WAN interface.

All traffic between LAN and OPT2 (and vice versa) works as expected.

The interesting thing is that if I go to Diagnostics > Ping in the web gui that the ping to 8.8.8.8 works.

Does this mean that for some reason that NAT isn't working properly on the WAN interface???

cmb

Probably related to some changes that went into if_bridge for http://redmine.pfsense.org/issues/729

how are the hosts on the bridged interface configured? What's the IP subnet, default gateway and where does it reside. It may be an invalid config that shouldn't have worked before but did because of the original issue in #729.

peterclark4

What is the best way for me to start again?

Shall I delete the config.xml and re-boot?

Would this let me start again with a working/supported config?

cmb

@peterclark4:

What is the best way for me to start again?

Shall I delete the config.xml and re-boot?

Would this let me start again with a working/supported config?

I don't know, you didn't say how it's setup.

globalmcs

Were you able to fix your problem? I'm experiencing a similar issue after installing the update today…

For example in the System Log: Firewall when I try to access a web site, the LAN IP shows under Destination and the Destination IP shows under Source.

peterclark4

@globalmcs:

Were you able to fix your problem? I'm experiencing a similar issue after installing the update today…

For example in the System Log: Firewall when I try to access a web site, the LAN IP shows under Destination and the Destination IP shows under Source.

If I delete the Bridge traffic through the WAN interface works as expected. If I then re-create the Bridge I get the same symptoms again.

@cmb:

I don't know, you didn't say how it's setup.

I'm Bridging OPT1 to the WAN interface as a DMZ. The OPT1 interface has no IP assigned. All machines on the OPT1 interface are within the same subnet as the WAN interface and use the same Default gateway.

The machines on the OPT1 interface need external IP addresses assigned directly to them but also require to be protected by the firewall.

is this the recommended configuration for this?

peterclark4

Am I doing something wrong?

I thought that bridging to the WAN interface would work as a DMZ.

Does anybody know on how I get around this?

jimp

There was a patch to bridging on the 9th that might be causing a problem. Someone on IRC also had a similar problem and backing down to a snapshot from the 8th fixed it.

peterclark4

I have backed down to the snapshot from the 8th and everything is working as expected agian.

Am I right to assume that I should keep an eye out on http://redmine.pfsense.org/issues/729 before trying to upgrade to a newer snapshot?

Many Thanks

Peter

cmb

@peterclark4:

Am I right to assume that I should keep an eye out on http://redmine.pfsense.org/issues/729 before trying to upgrade to a newer snapshot?

yes