Static Route affecting Traffic, worked in 1.2.3



  • pfSense is the default gateway (10.0.0.1), Cisco router (10.0.0.4) with VPN to 192.168.1.0/24. A static route is set up for 192.168.1.0/24 to go to the 10.0.0.4 gateway. Everything works (including no dropped pings to the 192.168.1.0 network), except one feature of a proprietary application (which uses the 192.168.1.0 network) only works about 20% of the time. pfSense 1.2.3 set up the same way works with no problems; also, if I manually set a static route on the workstation it works with no problems. I see no dropped packets in the firewall log and I have filtering disabled for traffic on the same interface.

    So what is the difference between the way static routes are handled on 2.0.1 vs 1.2.3 which could cause my problems?



  • I am not sure, but I know there are some. There are things that you used to be able to do that you cannot any longer. This sounds like a simple route and should work without too much issue. Do you see any dropped packets in the firewall logs?



  • The newer version of PF is a bit stricter on asymmetrically routed traffic, the "bypass firewall for traffic on same interface" works around that though. Aside from that, there isn't any difference in that scenario. There isn't anything you used to be able to do that you can't do now.

    What protocol does this problematic application use? Does everything else work (primarily TCP traffic, pings and UDP aside)? What does a packet capture look like?
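
The following is an added example, not part of the original thread or of pfSense. It shows one way to check a capture taken on the firewall's LAN interface for the asymmetric routing mentioned in the reply above, by listing TCP flows toward 192.168.1.0/24 for which the firewall never saw a return packet. The packet records, host addresses and ports are constructed, and the tuple format is an assumption standing in for parsed capture output.

```python
import ipaddress
from collections import defaultdict

LAN = ipaddress.ip_network("10.0.0.0/24")        # LAN subnet from the thread
REMOTE = ipaddress.ip_network("192.168.1.0/24")  # VPN-side subnet from the thread

# Constructed sample: TCP packets as seen on the firewall's LAN interface,
# as (src, sport, dst, dport, flags). Hosts and ports are made up.
CAPTURE = [
    # Flow 1: only the workstation-to-remote half crosses the firewall.
    ("10.0.0.50", 49152, "192.168.1.20", 8443, "S"),
    ("10.0.0.50", 49152, "192.168.1.20", 8443, "A"),
    ("10.0.0.50", 49152, "192.168.1.20", 8443, "PA"),
    # Flow 2: both directions are visible (symmetric path).
    ("10.0.0.51", 49200, "192.168.1.20", 22, "S"),
    ("192.168.1.20", 22, "10.0.0.51", 49200, "SA"),
    ("10.0.0.51", 49200, "192.168.1.20", 22, "A"),
]

def flow_key(src, sport, dst, dport):
    """Return (flow tuple normalised to LAN->remote, direction) or (None, None)."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if s in LAN and d in REMOTE:
        return (src, sport, dst, dport), "out"
    if s in REMOTE and d in LAN:
        return (dst, dport, src, sport), "back"
    return None, None  # traffic unrelated to the static route

def one_way_flows(packets):
    """Flows where the firewall saw LAN->remote packets but no replies."""
    seen = defaultdict(lambda: {"out": 0, "back": 0})
    for src, sport, dst, dport, _flags in packets:
        key, direction = flow_key(src, sport, dst, dport)
        if key is not None:
            seen[key][direction] += 1
    return sorted(k for k, c in seen.items() if c["out"] and not c["back"])

if __name__ == "__main__":
    for flow in one_way_flows(CAPTURE):
        print("one-way as seen by firewall:", flow)
```

A flow listed here means the replies reached the workstation by a path that skipped the firewall, which is the situation a stateful filter handles strictly.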

