Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Firewall blocking and need help tracking down reason

    2.0-RC Snapshot Feedback and Problems - RETIRED
    1
    2
    1.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      getut
      last edited by

      2.0 RC1 current as of this post. I am testing from an Ubuntu Maverick 64 bit machine running Firefox 4.

      I am having a weird issue with a site being blocked but can find no reason why and nothing in the logs to show why.

      In my case the site being blocked is Google mail. PFSense is configured as an explicit proxy but also has a rule for my test client allowing it out on all ports to any IP address. Here are the weird symptoms:

      1. If the client is configured with the Sense box as its default gateway and is configured to USE the proxy, I can access all of google including gmail.
      2. If the client is configured with the Sense box as its default gateway and is NOT configured to use the proxy, I can browse to any web site including google. I can even log into google, but I can't get to the actual gmail page with the inbox etc.
      3. If the client is put on a seperate network with no proxy at all, then everything works again.

      Oddly enough, the only failures are occuring when using the sense box as default gateway but NOT using proxying services. How can I go about tracking down the cause of this?

      1 Reply Last reply Reply Quote 0
      • G
        getut
        last edited by

        Solved it. I knew from the beginning this was a self created problem, but I knew of no way to rule out which piece of the puzzle was causing it.

        I lucked up and found it through no special dianostic method other than remembering I had changed a setting in an attempt to solve a different problem I was having a month or so back.

        I have specified an MTU of 1460 for the WAN interface. If I set it to 1500 or blank, everything works like it is supposed to.

        I have no idea why this only affected traffic that was bypassing the proxy services.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.