Outbound VNC connection fails

meats · Feb 11, 2011, 2:46 AM

Hi,

I have pfsense 1.2.3-Release setup as our external firewall, connecting via adsl through a router in bridge mode.
Everything is working as expected except for VNC connections to outside vnc servers. I receive the authentication request from VNC, enter the password and then have a failed to connect message from VNC.
There is nothing appearing in the firewall log being blocked and snort does not report anything blocked.
VNC worked fine before I installed pfsense and the vnc servers respond through other internet connctions not using pfsense.

The LAN rule is setup to allow everything out - that is the rule is setup as:
Interface: LAN
Protocol: Any
Source: Any
Destination: Any
Gateway: Default

It almost seems that pfsense isn't recording the state correctly?
When I view the state table after attempting a connection it is:
127.0.0.1:19010 <- {VNC Server IP}:5900 <- {My internal IP}:2429 FIN_WAIT_2:FIN_WAIT_2
Why is it coming back to 127.0.0.1?

(I also have a logging rule setup to the VNC server IP address and this doesn't log anything when I attempt a VNC connection. It does log any pings though so I know the rule is working)

Any ideas would be appreciated.

meats · Feb 11, 2011, 4:19 AM

As an update after some more searching it seems like a similar, if not the same, issue was raised in February 2009 with the following discussion but does not seem resolved?

http://forum.pfsense.org/index.php?topic=14382.0

I will keep on searching…