Netgate Discussion Forum
    Weird weird problem

    Firewalling
    2 Posts 2 Posters 1.7k Views
    sinisterbrain

      I recently replaced a home brew linux iptables based firewall with pfSense, and with the exception of this problem it works flawlessly.  Here are the specs:

      • pfSense version 1.0.1

      • P4

      • 1Gb RAM

      • 40Gb HDD

      • 4 x 3Com 509c 10/100 NICs

      • NO additional packages installed

      We have a host with vmware server running on it and several guest virtual machines.

      We moved the machine and all of its virtual hosts behind pfSense and created Port-Forwarding rules (with matching Filter Rules) for ports 80 and 22 for each of the virtual machines.  This is where it gets weird…

      All of the machines, virtuals and host, can ping and ssh to/from anywhere.  But ALL HTTP requests fail.  This includes requests from AND to the internet (via wget or any other command that uses http).  On the local network and between the virtual machines, everything works fine.

      Move the physical host to another network that goes through the pfSense, and it and all the virtual machines work fine.  Move it back to the DMZ and it stops working.

      Move any of the virtual machines to another physical host with ZERO changes otherwise, and they work fine.

      We have another vmware host with the SAME hardware and base OS (same revision and all) that works perfectly fine inbound and outbound.  All the problems are with the single host.

      We re-installed the operating system assuming that maybe the system drivers may be corrupt... same OS, version, and updated it.  No success.

      We checked to make sure there were no local firewalls on ANY of the virtual machines or host, and even uninstalled iptables and rebooted them to be absolutely sure.

      Everything else works fine BUT HTTP requests inbound or outbound.

      I performed tcpdumps in front of and inside the firewall with the same results.  I forgot to copy and paste so no details, but this is a summary of what I see:

      From the problem machine to google.com:
      Src:  Syn
      Dst:  Syn-Ack
      Src:  Ack
      Dst: Push
      Dst: Push
      Dst: Push... etc

      From the outside to the problem machines:
      Src:  Syn
      Dst:  Syn-Ack
      Src:  Ack
      Src: Push
      Src: Push
      Src: Push... etc

      And NAT was working properly.

      Someone please tell me something constructive, because we're out of ideas.

      All the other hosts on the DMZ work fine.

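The trace pattern sinisterbrain summarises above (three-way handshake completes, then one endpoint keeps sending PSH segments and the peer never answers) can be picked out of a capture mechanically rather than by eye. The script below is an added example written for this thread; it is not code from the original post, from pfSense or from Netgate. It assumes the default single-line `tcpdump -n` output format and flags each TCP flow as established-but-stalled, incomplete, or ok. The capture lines, addresses, ports and sequence numbers are constructed for the example and model both the outbound and the inbound case described in the post, plus a healthy SSH flow and a lone SYN for contrast.

```python
"""Flag TCP flows that complete the handshake and then go one-sided
(one endpoint sends data, the other never transmits again)."""
import re
from dataclasses import dataclass

# Default `tcpdump -n` line shape (assumed):
#   <ts> IP <src>.<sport> > <dst>.<dport>: Flags [<flags>], ... length <n>
LINE_RE = re.compile(
    r"^\S+ IP (?P<src>[\d.]+)\.(?P<sport>\d+) > (?P<dst>[\d.]+)\.(?P<dport>\d+): "
    r"Flags \[(?P<flags>[^\]]*)\].*?length (?P<length>\d+)"
)

# Constructed sample capture: flow 1 = outbound HTTP, responder pushes, initiator silent;
# flow 2 = inbound HTTP, initiator pushes, responder silent; flow 3 = healthy SSH;
# flow 4 = SYN with no reply. Addresses are documentation ranges, not real hosts.
SAMPLE_CAPTURE = """\
10:00:00.000001 IP 10.0.0.5.40001 > 203.0.113.10.80: Flags [S], seq 100, win 65535, length 0
10:00:00.010001 IP 203.0.113.10.80 > 10.0.0.5.40001: Flags [S.], seq 500, ack 101, win 65535, length 0
10:00:00.010101 IP 10.0.0.5.40001 > 203.0.113.10.80: Flags [.], ack 501, win 65535, length 0
10:00:00.020001 IP 203.0.113.10.80 > 10.0.0.5.40001: Flags [P.], seq 501:1961, ack 101, win 65535, length 1460
10:00:01.020001 IP 203.0.113.10.80 > 10.0.0.5.40001: Flags [P.], seq 501:1961, ack 101, win 65535, length 1460
10:00:03.020001 IP 203.0.113.10.80 > 10.0.0.5.40001: Flags [P.], seq 501:1961, ack 101, win 65535, length 1460
10:00:05.000001 IP 198.51.100.7.51000 > 10.0.0.5.80: Flags [S], seq 900, win 65535, length 0
10:00:05.000501 IP 10.0.0.5.80 > 198.51.100.7.51000: Flags [S.], seq 300, ack 901, win 65535, length 0
10:00:05.010001 IP 198.51.100.7.51000 > 10.0.0.5.80: Flags [.], ack 301, win 65535, length 0
10:00:05.010201 IP 198.51.100.7.51000 > 10.0.0.5.80: Flags [P.], seq 901:979, ack 301, win 65535, length 78
10:00:06.010201 IP 198.51.100.7.51000 > 10.0.0.5.80: Flags [P.], seq 901:979, ack 301, win 65535, length 78
10:00:08.010201 IP 198.51.100.7.51000 > 10.0.0.5.80: Flags [P.], seq 901:979, ack 301, win 65535, length 78
10:00:09.000001 IP 10.0.0.5.40002 > 203.0.113.10.22: Flags [S], seq 1, win 65535, length 0
10:00:09.010001 IP 203.0.113.10.22 > 10.0.0.5.40002: Flags [S.], seq 1, ack 2, win 65535, length 0
10:00:09.010101 IP 10.0.0.5.40002 > 203.0.113.10.22: Flags [.], ack 2, win 65535, length 0
10:00:09.010201 IP 10.0.0.5.40002 > 203.0.113.10.22: Flags [P.], seq 2:23, ack 2, win 65535, length 21
10:00:09.020201 IP 203.0.113.10.22 > 10.0.0.5.40002: Flags [.], ack 23, win 65535, length 0
10:00:09.020301 IP 203.0.113.10.22 > 10.0.0.5.40002: Flags [P.], seq 2:43, ack 23, win 65535, length 41
10:00:09.020401 IP 10.0.0.5.40002 > 203.0.113.10.22: Flags [.], ack 43, win 65535, length 0
10:00:10.000001 IP 10.0.0.5.40003 > 203.0.113.10.443: Flags [S], seq 7, win 65535, length 0
"""


@dataclass
class Flow:
    initiator: tuple          # (ip, port) that sent the bare SYN
    responder: tuple
    saw_syn: bool = False
    saw_synack: bool = False
    saw_ack: bool = False     # third packet of the handshake
    init_data: int = 0        # data-bearing segments after the handshake
    resp_data: int = 0
    init_pkts: int = 0        # any segment at all after the handshake
    resp_pkts: int = 0

    @property
    def established(self):
        return self.saw_syn and self.saw_synack and self.saw_ack


def parse_line(line):
    """Return ((src_ip, sport), (dst_ip, dport), flags, payload_len) or None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    return ((m["src"], int(m["sport"])), (m["dst"], int(m["dport"])),
            m["flags"], int(m["length"]))


def build_flows(lines):
    """Group segments by endpoint pair and tally post-handshake activity per side."""
    flows = {}
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        src, dst, flags, length = parsed
        key = frozenset((src, dst))          # same key for both directions
        flow = flows.get(key)
        if flow is None:
            if flags != "S":
                continue                     # mid-stream without a SYN: ignore here
            flow = flows[key] = Flow(initiator=src, responder=dst)
        from_init = src == flow.initiator
        if not flow.established:
            if flags == "S" and from_init:
                flow.saw_syn = True
            elif flags == "S." and not from_init:
                flow.saw_synack = True
            elif flags in (".", "P.") and from_init and flow.saw_synack:
                flow.saw_ack = True          # handshake ACK (data on it is not tallied)
            continue
        if from_init:
            flow.init_pkts += 1
            flow.init_data += 1 if length > 0 else 0
        else:
            flow.resp_pkts += 1
            flow.resp_data += 1 if length > 0 else 0
    return flows


def classify(flow, min_segments=3):
    """Name the pattern: data from one side only, with the peer fully silent."""
    if not flow.established:
        return "handshake-incomplete"
    if flow.init_data >= min_segments and flow.resp_pkts == 0:
        return "stalled: initiator sending, responder silent"
    if flow.resp_data >= min_segments and flow.init_pkts == 0:
        return "stalled: responder sending, initiator silent"
    return "ok"


def analyze(lines, min_segments=3):
    """Map 'init_ip:port->resp_ip:port' to its verdict for every flow seen."""
    return {
        f"{f.initiator[0]}:{f.initiator[1]}->{f.responder[0]}:{f.responder[1]}":
        classify(f, min_segments)
        for f in build_flows(lines).values()
    }


if __name__ == "__main__":
    for flow_name, verdict in analyze(SAMPLE_CAPTURE.splitlines()).items():
        print(f"{flow_name:40} {verdict}")
```

Run it against a real capture with `tcpdump -n -i <iface> tcp | python3 this_script.py` after swapping `SAMPLE_CAPTURE.splitlines()` for `sys.stdin`. The useful diagnostic step is the one the original poster took: run the same analysis on captures taken on both sides of the firewall. A flow that is "ok" on the inside interface and "stalled" on the outside (or vice versa) localises the drop to the box between them rather than to either endpoint, which is exactly the distinction a scrub or MTU-related explanation would need to be consistent with.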
        sullrich

        Try this.

        1. Update to a recent snapshot? ( http://snapshots.pfsense.com/FreeBSD6/RELENG_1/ ) Still having issues, go to #2
        2. System -> Advanced -> Disable Firewall Scrub, enable this option.  Work now?
