4. Issue with Firewall and NFS.

Issue with Firewall and NFS.

  • A

    Hi all,
    I'm using pfSense 2.0.1 as Loadbalancer and Firewall. Everything work fine (LB, http & https rules…) but not the NFS access !!
    When Firewall is on, even if TCP/UDP is allowed from : to :,  I cannot mount the NFS share from a CentOS. Furthermore, I do not have any port blocked in the log.
    If I desactivate the Firewall… it works... !!!
    I do not think it is related to port numbers because I have the same issue if everything is allowed.
    Really, I do not understand the difference between no firewall and firewall allowing everything.
    Any idea would be appreciated.
    thanks,

    0

  • take a look at system->advanced -> firewall/NAT -> IP Do-Not-Fragment compatibility

    description says:
    Clear invalid DF bits instead of dropping the packets
    This allows for communications with hosts that generate fragmented packets with the don't fragment (DF) bit set. Linux NFS is known to do this. This will cause the filter to not drop such packets but instead clear the don't fragment bit.

    0
  • A

    hi, still the same issue :  timed out…
    "clear invalid DF bits" & "Disables the PF scrubbing" are both checked !! 
    Really weird !

    0
  • C

    It's likely NAT that's breaking it rather than the firewall. Static port is generally necessary to not break NFS.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy