[Solved] Strange problem with pfsense on two locations



  • Hi pfsense community,

    I've been trying to figure this out all night and I can't seem to figure it out by myself. So I'm turning to you guys since some of you are way more experienced in this than I am.

    I have a mysql server running behind a pfsense 2.0-RC3 box. I've made a port forward so that the mysql server is able to accept connections from the outside world (WAN). If I connect from a server that is in the outside world it works fine, if I connect from another pfsense 2.0-RC3 box within the console of the pfsense box it works fine. If I connect from a server that is behind that pfsense 2.0-RC3 box I keep getting this error: ERROR 2013 (HY000): Lost connection to MySQL server at 'reading authorization packet', system error: 0.
    Am I supposed to make some kind of port forward on the pfsense box in front of the server that is trying to establish connection to the mysql server? I've tried to make a "telnet HOST 3306" that does not work either. But if I log into the console on the pfsense box and try to do the same it works flawlessly. I'm really lost here, any help would be greatly appreciated.

    Thanks in regard.

    After 2 restarts of the pfsense box, it worked. Don't ask me why.



  • @c0urier:

    if I connect from another pfsense 2.0-RC3 box within the console of the pfsense box it works fine. If I connect from a server that is behind that pfsense 2.0-RC3 box I keep getting this error: ERROR 2013 (HY000): Lost connection to MySQL server at 'reading authorization packet', system error: 0.

    I don't think this is related to pfsense.

    How do you connect to mysql from the console? Are you just using telnet to see if you got a connection or are you using mysql cli?

    That error message you are describing is related to many different problems with mysql client/server and mostly not any firewall between them.

    // rancor



  • I've tested both with: "mysql -h IP -u USER -p" and "telnet IP 3306". Three different machines behind the pfsense box 2x Debian Wheezy x64 and one Windows 7. All give the same result with telnet/mysql. If I do it locally from the pfsense box on that site it works fine.
    If I test from a Debian Wheezy that's not behind a pfsense 2.0-RC3 box it works fine. Same mysql client as those behind the pfsense box.



  • Are you connecting to the same IP or is the server multi homed? Do you have any firewall rules within your mysql server?

    Is your /etc/hosts.deny or /etc/hosts.allowed altered?

    // rancor



  • 1: It's the same IP.
    2: No rules within the mysql server.
    3: hosts.deny has not been altered but hosts.allowed has been to test "mysqld: ALL: ALLOW" and "mysqld-max: ALL: ALLOW"



  • Have you tried changing connect-timeout in my.cnf?

    Add connect-timeout=20 and restart mysqld



  • Tried raising it to 1600, followed the recommendations I could find on mysql's forum. None of them worked.
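
Added example, not part of any post in this thread: a Python probe that separates the cases the posters were testing by hand with telnet and the mysql client. It reports whether the TCP connect to port 3306 fails, whether the connection opens but the server's first packet never arrives, or whether the server answers with a greeting or an error packet. The function names and the sample packet are constructed for illustration.

```python
import socket

def parse_first_packet(data: bytes) -> dict:
    """Decode the first packet a MySQL server sends once TCP is established."""
    if len(data) < 5:
        return {"stage": "no_greeting", "detail": f"only {len(data)} bytes received"}
    length = int.from_bytes(data[0:3], "little")  # 3-byte little-endian payload length
    payload = data[4:4 + length]                  # data[3] is the sequence id
    if length == 0 or len(payload) < length:
        return {"stage": "no_greeting", "detail": "truncated packet"}
    if payload[0] == 0xFF:  # ERR packet: server refused before authentication
        code = int.from_bytes(payload[1:3], "little")
        text = payload[3:].decode(errors="replace")
        return {"stage": "server_error", "detail": f"{code}: {text}"}
    if payload[0] == 0x0A:  # protocol version 10 handshake
        version = payload[1:].split(b"\x00", 1)[0].decode(errors="replace")
        return {"stage": "greeting", "detail": version}
    return {"stage": "unknown", "detail": f"first byte 0x{payload[0]:02x}"}

def probe(host: str, port: int = 3306, timeout: float = 5.0) -> dict:
    """Report how far a connection attempt gets, without sending credentials."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:  # refused, unreachable, or SYN silently dropped
        return {"stage": "tcp_connect_failed", "detail": str(exc)}
    data = b""
    with sock:
        try:
            while len(data) < 4 or len(data) < 4 + int.from_bytes(data[:3], "little"):
                chunk = sock.recv(4096)
                if not chunk:  # peer closed before a full packet arrived
                    break
                data += chunk
        except OSError as exc:  # timeout or reset after the connect succeeded
            return {"stage": "no_greeting", "detail": f"connected, then {exc!r}"}
    return parse_first_packet(data)

if __name__ == "__main__":
    # Constructed sample greeting (not captured from the thread's server).
    body = b"\x0a" + b"5.1.0-sample\x00" + b"\x01\x00\x00\x00" + b"\x00" * 9
    sample = len(body).to_bytes(3, "little") + b"\x00" + body
    print(parse_first_packet(sample))
    print(probe("127.0.0.1", 3306, timeout=2.0))
```

Running `probe()` from a host behind the firewall and again from the firewall itself shows at which stage the two paths diverge.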

