Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    [I2P] Status "firewalled" - everything else OK

    NAT
    1
    3
    7822
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      elgo
      last edited by

      Hi,

      I've replaced my SOHO router with a pfsense box 1 week ago, and successfully migrated all my previous setup. All hosted services (http/https/mumble/irc/etc…) are fine with the NAT configuration I've set up. Only one service is "making resistance": I2P.
      Before I go to them asking for how their "NAT OK/KO" test is done, I'd like to know if someone here successfully managed getting an I2P router fully working behing a pfsense device?

      What I've done:
      *created 3 ports aliases for TCP, UDP and TCP/UDP port I'd like to forward to the DMZ host.
      *created 3 "port forward" entries, each one with proto matching the right ports aliases. First I used "create new associated Filter rule" option, but then I tested with this param set to "pass" without much success for I2P.
      *everything works as intended... except I2P :)

      Additionnaly, I have no floating rules, and DMZ filters rules are permitting:
      *DMZ to "not 192.168.0.0/16" (to allow all traffic towards WAN)
      *DMZ to pfsense box DMZ address for NTP & DNS ports
      *everything else is rejected & logged

      So... I should see if I2P tries something strange but so far, I don't get any troubleshooting material through firewall logs.
      Help? :)

      1 Reply Last reply Reply Quote 0
      • E
        elgo
        last edited by

        Sorry for the noise, it happears that pfsense is all fine as suspected.
        I2P detection is quite sloppy, especially when dealing with a fresh install (no network communication a I2P router not know, thus no detection from incoming datagrams, thus no communication etc…).

        1 Reply Last reply Reply Quote 0
        • E
          elgo
          last edited by

          Ok, and finally, the "non static port NAT" default feature of pfsense didn't helped either (http://doc.pfsense.org/index.php/Static_Port)
          Setting static port to yes and now I2P is completely happy again.

          Solved.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post