4. Issue with Firewall and NFS.

Issue with Firewall and NFS.

  • A

    Hi all,
    I'm using pfSense 2.0.1 as Loadbalancer and Firewall. Everything work fine (LB, http & https rules…) but not the NFS access !!
    When Firewall is on, even if TCP/UDP is allowed from : to :,  I cannot mount the NFS share from a CentOS. Furthermore, I do not have any port blocked in the log.
    If I desactivate the Firewall… it works... !!!
    I do not think it is related to port numbers because I have the same issue if everything is allowed.
    Really, I do not understand the difference between no firewall and firewall allowing everything.
    Any idea would be appreciated.
    thanks,

    0

  • take a look at system->advanced -> firewall/NAT -> IP Do-Not-Fragment compatibility

    description says:
    Clear invalid DF bits instead of dropping the packets
    This allows for communications with hosts that generate fragmented packets with the don't fragment (DF) bit set. Linux NFS is known to do this. This will cause the filter to not drop such packets but instead clear the don't fragment bit.

    0
  • A

    hi, still the same issue :  timed out…
    "clear invalid DF bits" & "Disables the PF scrubbing" are both checked !! 
    Really weird !

    0
  • C

    It's likely NAT that's breaking it rather than the firewall. Static port is generally necessary to not break NFS.

    0
Locked
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy