[I2P] Status "firewalled" - everything else OK
I've replaced my SOHO router with a pfsense box 1 week ago, and successfully migrated all my previous setup. All hosted services (http/https/mumble/irc/etc…) are fine with the NAT configuration I've set up. Only one service is "making resistance": I2P.
Before I go to them asking how their "NAT OK/KO" test is done, I'd like to know if someone here has successfully managed to get an I2P router fully working behind a pfsense device?
What I've done:
* created 3 port aliases for the TCP, UDP and TCP/UDP ports I'd like to forward to the DMZ host.
* created 3 "port forward" entries, each one with the proto matching the right port alias. First I used the "create new associated Filter rule" option, but then I tested with this param set to "pass", without much success for I2P.
* everything works as intended... except I2P :)
Additionally, I have no floating rules, and the DMZ filter rules permit:
* DMZ to "not 192.168.0.0/16" (to allow all traffic towards WAN)
* DMZ to pfsense box DMZ address for NTP & DNS ports
* everything else is rejected & logged
So... I should see if I2P tries something strange but so far, I don't get any troubleshooting material through firewall logs.
Sorry for the noise, it appears that pfsense is all fine as suspected.
I2P detection is quite sloppy, especially when dealing with a fresh install (no network communication, the I2P router is not known, thus no detection from incoming datagrams, thus no communication, etc…).
Ok, and finally, the "non static port NAT" default feature of pfsense didn't help either (http://doc.pfsense.org/index.php/Static_Port)
Setting static port to yes and now I2P is completely happy again.
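
An added illustration, not part of the original posts and not pfSense or I2P code: a toy Python model of why a randomized outbound source port makes the port forward miss the port that peers observe, and why static port fixes it. The DMZ host address, the port number and the three-party probe are simplified assumptions.

```python
import random

I2P_HOST, I2P_PORT = "192.168.2.10", 17654   # constructed DMZ host and I2P UDP port


class Nat:
    """Toy NAT gateway: outbound source-port mapping plus inbound port forwards."""

    def __init__(self, static_port, forwards, rng):
        self.static_port = static_port   # mirrors the pfSense "Static Port" option
        self.forwards = forwards         # {external UDP port: (host, port)}
        self.rng = rng
        self.states = {}                 # (external port, remote peer) -> (host, port)

    def outbound(self, host, sport, remote):
        """Translate an outgoing datagram; return the source port the peer sees."""
        ext = sport if self.static_port else self.rng.randint(1024, 65535)
        self.states[(ext, remote)] = (host, sport)
        return ext

    def inbound(self, remote, dport):
        """Deliver via an existing state, else via a port forward, else drop (None)."""
        return self.states.get((dport, remote)) or self.forwards.get(dport)


def reachability(nat):
    """Simplified peer test: an unknown third peer probes the port a known peer observed."""
    observed = nat.outbound(I2P_HOST, I2P_PORT, remote="bob")
    delivered = nat.inbound(remote="charlie", dport=observed)
    status = "OK" if delivered == (I2P_HOST, I2P_PORT) else "firewalled"
    return observed, status


if __name__ == "__main__":
    forwards = {I2P_PORT: (I2P_HOST, I2P_PORT)}   # the port forward from the post
    for static in (False, True):
        nat = Nat(static, forwards, random.Random(7))
        print("static port =", static, "->", reachability(nat))
```

In the randomized case the port forward itself still works; the probe fails only because it is aimed at the rewritten port that the first peer saw.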