Bridge Mode Question



  • I have set up pfSense in bridge mode and will be using the Snort package.  The WAN and LAN interfaces are set to allow all traffic through.  Ports 80 and 443 work like a champ, but I am having issues with a particular application.

    It is an Indiana state court web-based application called Odyssey and is a requirement on the network.  The URL is Ody://incmsprod.in.gov/SignOn/SignOn.asp.  I believe that it uses port 7990 or something like that.  When pfSense is running in bridge mode with '*' on all the WAN and LAN rules, the application fails.  When I pull it, it works.

    The pfSense is in front of two Cisco 5520 firewalls that run in failover.  Can't put it in front of the firewalls because of fiber.

    The Snort package has not been installed yet.  Has anyone heard of a similar issue?

    Thanks in advance!



  • Do your firewall logs show it blocked?  Is the app UDP and you're set to TCP?  Just some ideas…  Simple stuff I usually catch myself at...  ;)



  • Streaker,

    I am not sure this does you any good, but I ran into a similar situation on a state 'have to have' application for our school that simply would not work going through Squid (if I disabled Squid temporarily, the client app would work).
    Long story short, I had to put this particular workstation on the 'bypass' Squid setting in the Squid properties.
    You did not mention if you are actually using Squid.
    My theory is, and still is, that it has something to do with this client program using the .NET framework as its core?
    I don't think it makes any difference what the port number is.
    See if your particular client app uses .NET as its core. I would be interested to compare.

    Take Care,
    Barry



  • Thanks for the replies.

    The unit is set in bypass.  In the LAN/WAN settings both TCP and UDP are set to allow all traffic.  Need to check the firewall logs.

    I don't believe that any other services are loaded on the system, but will check.
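The two checks suggested above (does the firewall log show the application blocked, and is it being blocked as UDP while only TCP was expected) can be answered by scanning the filter log rather than eyeballing it. The script below is an added example, not code from this thread or from pfSense; the log lines it parses are constructed for the example, and the comma-separated field layout it assumes follows the filterlog format pfSense writes to filter.log, so the field positions should be confirmed against your own log before trusting the output. Port 7990 is used here only because it is the port mentioned in the question.

```python
from collections import Counter
from dataclasses import dataclass

# Constructed sample lines (not taken from the thread). The layout is assumed
# to be pfSense's filterlog CSV: rule,subrule,anchor,tracker,interface,reason,
# action,direction,ipversion,tos,ecn,ttl,id,offset,flags,proto-id,proto,length,
# src,dst,srcport,dstport,datalen[,tcp fields...]. Verify against your own log.
SAMPLE_LOG = """\
Mar 3 10:01:02 fw filterlog: 5,,,1000000103,em0,match,block,in,4,0x0,,64,12345,0,DF,6,tcp,60,192.0.2.10,203.0.113.5,51234,7990,0,S,1234567,,65535,,mss;nop;wscale
Mar 3 10:01:02 fw filterlog: 5,,,1000000103,em0,match,block,in,4,0x0,,64,12346,0,DF,17,udp,78,192.0.2.10,203.0.113.5,51235,7990,50
Mar 3 10:01:03 fw filterlog: 12,,,1000000101,em0,match,pass,in,4,0x0,,64,12347,0,DF,6,tcp,60,192.0.2.10,203.0.113.5,51236,443,0,S,2345678,,65535,,mss;nop;wscale
Mar 3 10:01:04 fw filterlog: 5,,,1000000103,em1,match,block,out,4,0x0,,64,12348,0,DF,6,tcp,60,192.0.2.11,203.0.113.5,51237,7990,0,S,3456789,,65535,,mss;nop;wscale
"""


@dataclass(frozen=True)
class FilterEvent:
    interface: str
    action: str
    direction: str
    proto: str
    src: str
    dst: str
    src_port: int
    dst_port: int


def parse_filterlog_line(line):
    """Return a FilterEvent for an IPv4 TCP/UDP filterlog line, else None."""
    marker = "filterlog: "
    idx = line.find(marker)
    if idx < 0:
        return None  # not a filterlog entry (other syslog noise)
    fields = line[idx + len(marker):].strip().split(",")
    if len(fields) < 23 or fields[8] != "4":
        return None  # only IPv4 handled here; IPv6 uses a different layout
    proto = fields[16]
    if proto not in ("tcp", "udp"):
        return None  # ICMP and others carry no port fields
    return FilterEvent(
        interface=fields[4], action=fields[6], direction=fields[7],
        proto=proto, src=fields[18], dst=fields[19],
        src_port=int(fields[20]), dst_port=int(fields[21]),
    )


def parse_filterlog(text):
    """Parse every usable line of a filter log dump into FilterEvents."""
    events = (parse_filterlog_line(line) for line in text.splitlines())
    return [ev for ev in events if ev is not None]


def blocked_by_port(events, dst_port):
    """Count blocked events to dst_port, keyed by (interface, direction, proto).

    The key makes the UDP-vs-TCP question visible at a glance: a block on
    'udp' for a port you only expected to carry TCP points at a rule gap.
    """
    counts = Counter()
    for ev in events:
        if ev.action == "block" and ev.dst_port == dst_port:
            counts[(ev.interface, ev.direction, ev.proto)] += 1
    return counts


if __name__ == "__main__":
    hits = blocked_by_port(parse_filterlog(SAMPLE_LOG), 7990)
    for (iface, direction, proto), n in sorted(hits.items()):
        print(f"{iface} {direction:3} {proto}: {n} blocked to port 7990")
```

On a real box, pipe the output of `clog /var/log/filter.log` (or a copy of the log) into `parse_filterlog` instead of `SAMPLE_LOG`; an empty result for the application's port while the app still fails is itself informative, since it means the firewall rules are not what is dropping the traffic, which is the direction the thread ultimately went.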



  • Update to the question.  Initial issue resolved due to problems with a cached MAC address being seen by the firewall devices and our switches.

