4. Ip fixo Wan e Ip fixo Lan

Ip fixo Wan e Ip fixo Lan

  • M

    Olá pessoal, tudo bem?

    Estou com um problema aqui na minha empresa, segue o caso.

    Tenho que usar na loja da empresa um sistema para acesso a Smartphones, Tablets ou mesmo Notebook. Decidi usar o captive portal no pfsense, até aí tudo beleza, porém agora vem a melhor parte. Já possuímos um firewall que faz todo o nosso gerenciamento de acesso e monitoramento. Porém esta máquina que possuirá o captive portal, ficará somente na loja e somente para acesso a web, então foi criado um apelido em nosso firewall principal com o IP: 129.80.30.1/24, fiz as configurações na Wan: 129.80.30.2/24 GW:129.80.30.1/24, até aí blz, fiz um ping e já está acessando externamente, mas a lan adicionei o ip: 129.100.29.2/24 gw: 129.80.30.2/24 porém não está pingando externamente e o captive portal não está funcionando. Lembrando que esta faixa de ip é totalmente diferente da minha rede, que por segurança, não queremos que passe informações pela nossa rede interna.

    Fico no aguardo de uma resposta. Att.

    0

  • Desta forma não vai funcionar.

    O cAptive portal precisa estar no Caminho de acesso a internet e não paralelo a ela.

    0
  • M

    Olá,
    até posso concordar contigo, porém o firewall que setamos os endereços de IP, redireciona todo o acesso para a banda larga, agora chegue a fazer funcionar, mas funciona apenas se colocar no browser o endereço de IP de um site qualquer, daí ele puxa as informações do captive portal. Minha dúvida, como faço para que ele resolva os nomes que digito no browser.

    0
  • M

    Pessoal,

    O que vocês me indicam para resolver o meu problema.??

    0

  • @marcelo:

    como faço para que ele resolva os nomes que digito no browser.

    ele quem????

    ( ) pfsense
    ( ) captive portal
    ( ) browser do cliente

    0
  • M

    O que quero fazer é resolver o problema em questão, que o captive portal acesse nas máquinas dos clientes e que ele saia pela regra estabelecida pelo firewall. A minha WAN que possui o IP: 129.80.30.2/24 etá pingando, porém a LAN agora com o IP: 129.100.30.2/24 está pingando, o problema é que ele não consegue resolver os nomes DNS, visto que se atribuir um endereço de ip de um site ele abre a tela do captive portal, já atribuindo apenas o nome do site ele nem abre o captive portal, o que poderia fazer para que os serviços funcionem. Podem sugerir alguma idéia.?

    0

  • @marcelo:

    o problema é que ele não consegue resolver os nomes DNS

    Seu dns esta fora da rede? já tentou apontar o dns para o pfsense ou seu ad?

    0
  • M

    Marcelo,

    Pode me dizer como faço isso, já tentei usar o DNS Forward e não deu certo, acredito que seja haja outra opção para configurar o DNS, pode me passar algumas dicas??

    0
  • A

    Quem está entregando IP na sua rede?? o PFSENSE ou o firewall?

    Se for o PFSENSE, configure DHCP server apontando o DNS para o ip do seu PFSENSE, deve resolver o problema de DNS.

    Att.

    Pablo Guimarães

    0
  • M

    Quem está entregando o ip no Pfsense é o Firewall Segue da seguinte maneira:

    Wan: 129.80.30.2/24                                     
    129.80.30.1/24                  GW: 129.80.30.1/24                                sem ip
      Firewall–----------------------Pfsense–------------------------AP Router
                                            Lan: 129.100.30.2/24
                                            GW: 129.80.30.2/24
                                      DHCP: 129.100.30.10/24 a 129.100.30.80/24

    Situação: Pfsense,

    Ping google.com.br pela Wan, OK
    Ping google.com.br pela Lan, erro
    ping 200.180.239.23 pela Wan, OK
    ping 200.180.239.23 pela Lan, OK

    Acessando pelo pfsense desta maneira pelo browser, aparece a página do captive portal. Se digitar google.com.br dá erro de página.

    Alguém tem alguma sugestão de como resolvo isso.?

    0

  • tem certeza que o gateway da sua lan é o ip do firewall?

    normalmente, a lan fica sem gateway.

    0
  • M

    @marcelloc:

    tem certeza que o gateway da sua lan é o ip do firewall?

    normalmente, a lan fica sem gateway.

    Adicionado da seguinte maneira:

    Wan: 129.80.30.2/24                                     
    129.80.30.1/24                  GW: 129.80.30.1/24                          sem ip
      Firewall–----------------------Pfsense--------------------------AP Router
                                            Lan: 129.100.29.2/24
                                            GW: none
                                      DHCP: 129.100.30.10/24 a 129.100.30.80/24

    Adicionei em General Setup os DNS Servers:

    200.199.252.68  WAN
    200.199.241.17  WAN
    8.8.8.8              WAN

    Deixei habilitado as duas opções abaixo do DNS Server

    Em DHCP Server na LAN

    Range: 129.100.29.10 t 129.100.29.200

    DNS server: 129.100.29.2
    Gateway: 129.100.29.2

    Resultado:

    Ping bol.com.br pela WAN--OK
    Ping bol.com.br pela LAN--OK

    Nas máquinas clientes, não navega, nem mesmo desabilitando o Captive Portal, não funciona. A configuração que pega as maquinas está da seguinte maneira:

    Endereço de IPV4: 129.100.29.10
    Máscara de Sub-rede: 255.255.255.0
    Gateway Padrão: 129.100.29.2
    Servidor DHCP: 129.100.29.2
    Servidor DNS: 129.100.29.2

    Alguém pode me dizer o que está havendo para que ele não funcione corretamente, está bem complicado.

    0

  • @marcelo:

    Já possuímos um firewall que faz todo o nosso gerenciamento de acesso e monitoramento.

    Depois de conferir seus nats de saída (firewall -> nat -> outbound), os proximos passos são usar o tcpdump e analisar as regras de liberação e bloqueio dos dois firewalls.

    0
  • M

    @marcelloc:

    @marcelo:

    Já possuímos um firewall que faz todo o nosso gerenciamento de acesso e monitoramento.

    Depois de conferir seus nats de saída (firewall -> nat -> outbound), os proximos passos são usar o tcpdump e analisar as regras de liberação e bloqueio dos dois firewalls.

    O nat deixei habilitado a opção automática. Utilizei o tcpdump para buscar as devidas informações sobre o problema, segue:

    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on vr0, link-type EN10MB (Ethernet), capture size 96 bytes
11:54:17.015161 IP pfsense.localdomain.ssh > elf-0005.localdomain.51748: Flags [P.], ack 2127699073, win 513, length 52
11:54:17.015353 IP pfsense.localdomain.ssh > elf-0005.localdomain.51748: Flags [P.], ack 1, win 513, length 196
11:54:17.018095 IP elf-0005.localdomain.51748 > pfsense.localdomain.ssh: Flags [.], ack 248, win 432, length 0
11:54:17.134935 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 114437472, win 4101, length 0
11:54:17.504795 IP elf-0005.localdomain.netbios-ns > 10.2.2.39.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; UNICAST
11:54:17.973237 IP elf-0005.localdomain.63529 > 10.2.2.223.snmp:  C=internal GetRequest(29)  43.5.1.1.2.1
11:54:18.017184 IP pfsense.localdomain.ssh > elf-0005.localdomain.51748: Flags [P.], ack 1, win 513, length 628
11:54:18.219769 IP elf-0005.localdomain.51748 > pfsense.localdomain.ssh: Flags [.], ack 876, win 429, length 0
11:54:18.255672 IP elf-0005.localdomain.55133 > pfsense.localdomain.domain: 60232+ A? talk.google.com. (33)
11:54:18.945823 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [P.], ack 1, win 4101, length 763
11:54:18.946006 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 763, win 507, length 0
11:54:19.004961 IP elf-0005.localdomain.netbios-ns > 10.2.2.39.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; UNICAST
11:54:19.087744 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 763, win 513, length 1460
11:54:19.087780 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 763, win 513, length 1460
11:54:19.087804 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 763, win 513, length 1460
11:54:19.087826 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 763, win 513, length 1460
11:54:19.087846 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 763, win 513, length 1460
11:54:19.087867 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [P.], ack 763, win 513, length 1070
11:54:19.094465 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 2921, win 4380, length 0
11:54:19.094632 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 763, win 513, length 1460
11:54:19.094662 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 763, win 513, length 1460
11:54:19.094687 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 763, win 513, length 1460
11:54:19.094707 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [P.], ack 763, win 513, length 43
11:54:19.100029 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 5841, win 4380, length 0
11:54:19.100562 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 8371, win 4380, length 0
11:54:19.106524 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 11291, win 4380, length 0
11:54:19.108229 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 12794, win 4380, length 0
11:54:19.515299 IP elf-0005.localdomain.51937 > 10.2.2.65.5055: Flags [s], seq 1394016014, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
11:54:19.516434 IP elf-0005.localdomain.51938 > 10.2.2.64.5054: Flags [s], seq 2762473566, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
11:54:19.517583 IP elf-0005.localdomain.51939 > 10.2.2.63.5053: Flags [s], seq 1287206207, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
11:54:19.518550 IP elf-0005.localdomain.51940 > 10.2.2.61.5051: Flags [s], seq 1962454065, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
11:54:19.851286 IP6 fe80::7d49:51c9:3e5:f0b1.dhcpv6-client > ff02::1:2.dhcpv6-server: dhcp6 solicit
11:54:19.973405 IP elf-0005.localdomain.63530 > 10.2.2.223.snmp:  C=internal GetRequest(29)  43.5.1.1.2.1
11:54:20.258180 IP elf-0005.localdomain.netbios-ns > 129.100.29.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
11:54:20.440340 IP elf-0005.localdomain.61097 > pfsense.localdomain.domain: 63887+ A? bol.com.br. (28)
11:54:20.546029 IP elf-0005.localdomain.61150 > pfsense.localdomain.domain: 10612+ A? isatap.maquina.local. (36)
11:54:21.007017 IP elf-0005.localdomain.netbios-ns > 129.100.29.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
11:54:21.113772 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [P.], ack 12794, win 4380, length 763
11:54:21.113962 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 1526, win 507, length 0
11:54:21.249958 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 1526, win 513, length 1460
11:54:21.249995 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 1526, win 513, length 1460
11:54:21.250017 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 1526, win 513, length 1460
11:54:21.250038 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 1526, win 513, length 1460
11:54:21.250109 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 1526, win 513, length 1460
11:54:21.250134 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [P.], ack 1526, win 513, length 1070
11:54:21.250682 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 1526, win 513, length 1460
11:54:21.250714 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 1526, win 513, length 1460
11:54:21.258137 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 15714, win 4380, length 0
11:54:21.258347 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 1526, win 513, length 1460
11:54:21.258375 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [P.], ack 1526, win 513, length 43
11:54:21.259033 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 18634, win 4380, length 0
11:54:21.265219 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 21164, win 4380, length 0
11:54:21.269256 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 24084, win 4380, length 0
11:54:21.271159 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 25587, win 4380, length 0
11:54:21.440258 IP elf-0005.localdomain.61097 > pfsense.localdomain.domain: 63887+ A? bol.com.br. (28)
11:54:21.546215 IP elf-0005.localdomain.61150 > pfsense.localdomain.domain: 10612+ A? isatap.maquina.local. (36)
11:54:21.757059 IP elf-0005.localdomain.netbios-ns > 129.100.29.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
11:54:21.974123 IP elf-0005.localdomain.61151 > 10.2.2.223.snmp:  C=internal SetRequest(471)  E:2435.2.3.9.2.11.1.1.0=[|snmp]
11:54:22.256323 IP elf-0005.localdomain.55133 > pfsense.localdomain.domain: 60232+ A? talk.google.com. (33)
11:54:22.440066 IP elf-0005.localdomain.61097 > pfsense.localdomain.domain: 63887+ A? bol.com.br. (28)
11:54:22.513267 IP elf-0005.localdomain.51938 > 10.2.2.64.5054: Flags [s], seq 2762473566, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
11:54:22.515010 IP elf-0005.localdomain.61966 > pfsense.localdomain.domain: 42440+ A? talk.google.com. (33)
11:54:22.515934 IP elf-0005.localdomain.51937 > 10.2.2.65.5055: Flags [s], seq 1394016014, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
11:54:22.517031 IP elf-0005.localdomain.51939 > 10.2.2.63.5053: Flags [s], seq 1287206207, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
11:54:22.517689 IP elf-0005.localdomain.51940 > 10.2.2.61.5051: Flags [s], seq 1962454065, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
11:54:22.546261 IP elf-0005.localdomain.61150 > pfsense.localdomain.domain: 10612+ A? isatap.maquina.local. (36)
11:54:23.276871 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [P.], ack 25587, win 4380, length 763
11:54:23.277031 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 2289, win 507, length 0
11:54:23.279935 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [P.], ack 25587, win 4380, length 763
11:54:23.280136 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 2289, win 513, length 0
11:54:23.345388 IP elf-0005.localdomain.63528 > pfsense.localdomain.domain: 46260+ SOA? elf-0005.maquina.local. (38)
11:54:23.418525 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 2289, win 513, length 1460
11:54:23.418562 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 2289, win 513, length 1460
11:54:23.418587 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 2289, win 513, length 1460
11:54:23.418607 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 2289, win 513, length 1460
11:54:23.418628 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 2289, win 513, length 1460
11:54:23.418651 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [P.], ack 2289, win 513, length 1070
11:54:23.419306 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 2289, win 513, length 1460
11:54:23.419340 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 2289, win 513, length 1460
11:54:23.419409 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 2289, win 513, length 1460
11:54:23.419429 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [P.], ack 2289, win 513, length 43
11:54:23.423448 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 28507, win 4380, length 0
11:54:23.429586 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 31427, win 4380, length 0
11:54:23.432085 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 33957, win 4380, length 0
11:54:23.438770 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 36877, win 4380, length 0
11:54:23.440350 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 38380, win 4380, length 0
11:54:23.515182 IP elf-0005.localdomain.61966 > pfsense.localdomain.domain: 42440+ A? talk.google.com. (33)
11:54:24.186569 IP pfsense.localdomain.ssh > elf-0005.localdomain.51748: Flags [P.], ack 1, win 513, length 164
11:54:24.388416 IP elf-0005.localdomain.51748 > pfsense.localdomain.ssh: Flags [.], ack 1040, win 428, length 0
11:54:24.440341 IP elf-0005.localdomain.61097 > pfsense.localdomain.domain: 63887+ A? bol.com.br. (28)
11:54:24.515313 IP elf-0005.localdomain.61966 > pfsense.localdomain.domain: 42440+ A? talk.google.com. (33)
11:54:24.546419 IP elf-0005.localdomain.61150 > pfsense.localdomain.domain: 10612+ A? isatap.maquina.local. (36)
11:54:24.974239 IP elf-0005.localdomain.61967 > 10.2.2.223.snmp:  C=internal SetRequest(471)  E:2435.2.3.9.2.11.1.1.0=[|snmp]
11:54:25.446122 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [P.], ack 38380, win 4380, length 763
11:54:25.446301 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3052, win 507, length 0
11:54:25.587203 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3052, win 513, length 1460
11:54:25.587243 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3052, win 513, length 1460
11:54:25.587266 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3052, win 513, length 1460
11:54:25.587286 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3052, win 513, length 1460
11:54:25.587306 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3052, win 513, length 1460
11:54:25.587328 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [P.], ack 3052, win 513, length 1070
11:54:25.587982 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3052, win 513, length 1460
11:54:25.588012 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3052, win 513, length 1460
11:54:25.588058 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3052, win 513, length 1460
11:54:25.588081 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [P.], ack 3052, win 513, length 43
11:54:25.593785 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 41300, win 4380, length 0
11:54:25.596446 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 44220, win 4380, length 0
11:54:25.605919 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 46750, win 4380, length 0
11:54:25.607590 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 49670, win 4380, length 0
11:54:25.608886 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 51173, win 4380, length 0
11:54:26.268720 IP elf-0005.localdomain.netbios-ns > 129.100.29.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
11:54:26.581663 IP elf-0005.localdomain.59970 > pfsense.localdomain.domain: 20048+ A? bol.com.br. (28)
11:54:26.582471 IP elf-0005.localdomain.61966 > pfsense.localdomain.domain: 42440+ A? talk.google.com. (33)
11:54:27.006813 IP elf-0005.localdomain.netbios-ns > 129.100.29.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
11:54:27.466719 IP elf-0005.localdomain.59970 > pfsense.localdomain.domain: 20048+ A? bol.com.br. (28)
11:54:27.811965 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [P.], ack 51173, win 4380, length 763
11:54:27.812134 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 507, length 0
11:54:27.812928 IP elf-0005.localdomain.netbios-ns > 129.100.29.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
11:54:27.953837 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
11:54:27.953876 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
11:54:27.953902 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
11:54:27.953923 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
11:54:27.953943 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
11:54:27.953965 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [P.], ack 3815, win 513, length 1070
11:54:27.954562 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
11:54:27.954595 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
11:54:27.954616 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
11:54:27.954635 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [P.], ack 3815, win 513, length 38
11:54:27.959723 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [P.], ack 3815, win 513, length 5
11:54:28.226100 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
11:54:28.482102 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 52633, win 4380, length 0
11:54:28.482230 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
11:54:28.482264 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
11:54:28.483137 IP elf-0005.localdomain.59970 > pfsense.localdomain.domain: 20048+ A? bol.com.br. (28)
11:54:28.487046 IP elf-0005.localdomain.61097 > pfsense.localdomain.domain: 63887+ A? bol.com.br. (28)
11:54:28.487802 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 55553, win 4380, length 0
11:54:28.487877 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
11:54:28.487907 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
11:54:28.487937 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
11:54:28.510564 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 58473, win 4380, length 0
11:54:28.510619 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
11:54:28.510646 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
11:54:28.510672 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [P.], ack 3815, win 513, length 1113
11:54:28.518742 IP elf-0005.localdomain.59578 > pfsense.localdomain.domain: 15855+ A? talk.google.com. (33)
11:54:28.525956 IP elf-0005.localdomain.51937 > 10.2.2.65.5055: Flags [s], seq 1394016014, win 8192, options [mss 1460,nop,nop,sackOK], length 0
11:54:28.533514 IP elf-0005.localdomain.51939 > 10.2.2.63.5053: Flags [s], seq 1287206207, win 8192, options [mss 1460,nop,nop,sackOK], length 0
11:54:28.539797 IP elf-0005.localdomain.51940 > 10.2.2.61.5051: Flags [s], seq 1962454065, win 8192, options [mss 1460,nop,nop,sackOK], length 0
11:54:28.540584 IP elf-0005.localdomain.51938 > 10.2.2.64.5054: Flags [s], seq 2762473566, win 8192, options [mss 1460,nop,nop,sackOK], length 0
11:54:28.541190 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 61393, win 4380, length 0
11:54:28.542036 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 63966, win 4380, length 0
11:54:28.546593 IP elf-0005.localdomain.61150 > pfsense.localdomain.domain: 10612+ A? isatap.maquina.local. (36)
11:54:29.705311 IP elf-0005.localdomain.59578 > pfsense.localdomain.domain: 15855+ A? talk.google.com. (33)
11:54:29.706161 IP elf-0005.localdomain.51941 > 10.2.2.62.5052: Flags [s], seq 1354435444, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
11:54:30.244667 IP pfsense.localdomain.ssh > elf-0005.localdomain.51748: Flags [P.], ack 1, win 513, length 148
11:54:30.487608 IP elf-0005.localdomain.59970 > pfsense.localdomain.domain: 20048+ A? bol.com.br. (28)
11:54:30.515023 IP elf-0005.localdomain.59578 > pfsense.localdomain.domain: 15855+ A? talk.google.com. (33)
11:54:30.515973 IP elf-0005.localdomain.61966 > pfsense.localdomain.domain: 42440+ A? talk.google.com. (33)
11:54:30.546514 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [P.], ack 63966, win 4380, length 763
11:54:30.546671 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 4578, win 507, length 0
11:54:30.687390 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 4578, win 513, length 1460
11:54:30.687425 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 4578, win 513, length 1460
11:54:30.687448 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 4578, win 513, length 1460
11:54:30.687468 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 4578, win 513, length 1460
11:54:30.687487 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 4578, win 513, length 1460
11:54:30.687508 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [P.], ack 4578, win 513, length 1070
11:54:30.709115 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 66886, win 4380, length 0
11:54:30.709274 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 4578, win 513, length 1460
11:54:30.709305 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 4578, win 513, length 1460
11:54:30.729263 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 69806, win 4380, length 0
11:54:30.729334 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 4578, win 513, length 1460
11:54:30.729357 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [P.], ack 4578, win 513, length 43
11:54:30.751282 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 72336, win 4380, length 0
11:54:30.752293 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 75256, win 4380, length 0
11:54:30.753026 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 76759, win 4380, length 0
11:54:30.915690 IP pfsense.localdomain.ssh > elf-0005.localdomain.51748: Flags [P.], ack 1, win 513, length 148
11:54:31.116015 IP elf-0005.localdomain.51748 > pfsense.localdomain.ssh: Flags [.], ack 1188, win 428, length 0
11:54:31.245491 IP pfsense.localdomain.ssh > elf-0005.localdomain.51748: Flags [.], ack 1, win 513, length 1460
11:54:31.453858 IP elf-0005.localdomain.51748 > pfsense.localdomain.ssh: Flags [.], ack 2648, win 422, length 0
11:54:31.454033 IP pfsense.localdomain.ssh > elf-0005.localdomain.51748: Flags [P.], ack 1, win 513, length 1172
11:54:31.671076 IP elf-0005.localdomain.51748 > pfsense.localdomain.ssh: Flags [.], ack 3820, win 418, length 0
11:54:32.441598 IP elf-0005.localdomain.netbios-ns > 129.100.29.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
11:54:32.490701 IP pfsense.localdomain.ssh > elf-0005.localdomain.51748: Flags [P.], ack 1, win 513, length 212
11:54:32.515182 IP elf-0005.localdomain.59578 > pfsense.localdomain.domain: 15855+ A? talk.google.com. (33)
11:54:32.516204 IP elf-0005.localdomain.51941 > 10.2.2.62.5052: Flags [s], seq 1354435444, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
^C11:54:32.547775 IP6 fe80::7d49:51c9:3e5:f0b1.55584 > ff02::1:3.5355: UDP, length 24
[/s][/s][/s][/s][/s][/s][/s][/s][/s][/s][/s][/s][/s][/s]
    0

  • Como os pacotes da rede atras do pfsense são traduzidos para o segundo firewall?

    O segundo firewall conhece esta rede atras do pfsense, sabe devolver os pacotes para ela????

    0
  • M

    @marcelloc:

    Como os pacotes da rede atras do pfsense são traduzidos para o segundo firewall?

    O segundo firewall conhece esta rede atras do pfsense, sabe devolver os pacotes para ela????

    Sim, encaminhei pra você os logs que sairam quando tentei acessar a maquina para a página do bol.com.br.

    0

  • @marcelo:

    Sim, encaminhei pra você os logs que sairam quando tentei acessar a maquina para a página do bol.com.br.

    O que tinha visto era um pftop e não o tcpdump que está lá

    a unica comunicação que não acontece naquele tcpdump é esta

    11:54:28.525956 IP elf-0005.localdomain.51937 > 10.2.2.65.5055: Flags [ S ], seq 1394016014, win 8192, options [mss 1460,nop,nop,sackOK], length 0
    11:54:28.533514 IP elf-0005.localdomain.51939 > 10.2.2.63.5053: Flags [ S ], seq 1287206207, win 8192, options [mss 1460,nop,nop,sackOK], length 0
    11:54:28.539797 IP elf-0005.localdomain.51940 > 10.2.2.61.5051: Flags [ S ], seq 1962454065, win 8192, options [mss 1460,nop,nop,sackOK], length 0
    11:54:28.540584 IP elf-0005.localdomain.51938 > 10.2.2.64.5054: Flags [ S ], seq 2762473566, win 8192, options [mss 1460,nop,nop,sackOK], length 0

    Tente monitorar em tempo real a solicitação de dns, navegação na porta 80 para o ip do site, tente identificar em que ponto a comunicação para.

    se é na lan do pfsense, na wan ou se o pacote sai da wan com um ip de origem que o segundo firewall não sabe devolver

    sugestão de comando
    tcpdump -ni interface_lan_ou_wan_do_seu_pfsense host ip_do_servidor web

    ou para monitorar uma porta específica
    tcpdump -ni interface_lan_ou_wan_do_seu_pfsense port porta a monitorar

    0
  • M

    @marcelloc:

    Como os pacotes da rede atras do pfsense são traduzidos para o segundo firewall?

    O segundo firewall conhece esta rede atras do pfsense, sabe devolver os pacotes para ela????

    Sim, sem problemas, segue o tcpdump logo acima.

    0
  • M

    @marcelloc:

    @marcelo:

    Sim, encaminhei pra você os logs que sairam quando tentei acessar a maquina para a página do bol.com.br.

    O que tinha visto era um pftop e não o tcpdump que está lá

    a unica comunicação que não acontece naquele tcpdump é esta

    11:54:28.525956 IP elf-0005.localdomain.51937 > 10.2.2.65.5055: Flags [ S ], seq 1394016014, win 8192, options [mss 1460,nop,nop,sackOK], length 0
    11:54:28.533514 IP elf-0005.localdomain.51939 > 10.2.2.63.5053: Flags [ S ], seq 1287206207, win 8192, options [mss 1460,nop,nop,sackOK], length 0
    11:54:28.539797 IP elf-0005.localdomain.51940 > 10.2.2.61.5051: Flags [ S ], seq 1962454065, win 8192, options [mss 1460,nop,nop,sackOK], length 0
    11:54:28.540584 IP elf-0005.localdomain.51938 > 10.2.2.64.5054: Flags [ S ], seq 2762473566, win 8192, options [mss 1460,nop,nop,sackOK], length 0

    Tente monitorar em tempo real a solicitação de dns, navegação na porta 80 para o ip do site, tente identificar em que ponto a comunicação para.

    se é na lan do pfsense, na wan ou se o pacote sai da wan com um ip de origem que o segundo firewall não sabe devolver

    sugestão de comando
    tcpdump -ni interface_lan_ou_wan_do_seu_pfsense host ip_do_servidor web

    ou para monitorar uma porta específica
    tcpdump -ni interface_lan_ou_wan_do_seu_pfsense port porta a monitorar

    Segue o único que consegui capturar foi o da Lan o da Wan nem aparece:

    12:58:13.159110 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 33957, win 4380, length 0
    12:58:13.165272 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 36877, win 4380, length 0
    12:58:13.166787 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 38380, win 4380, length 0
    12:58:15.172241 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [P.], ack 38380, win 4380, length 763
    12:58:15.172399 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3053, win 507, length 0
    12:58:15.322704 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3053, win 513, length 1460
    12:58:15.322742 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3053, win 513, length 1460
    12:58:15.322767 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3053, win 513, length 1460
    12:58:15.322787 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3053, win 513, length 1460
    12:58:15.322807 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3053, win 513, length 1460
    12:58:15.322830 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 3053, win 513, length 1070
    12:58:15.323495 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3053, win 513, length 1460
    12:58:15.323552 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3053, win 513, length 1460
    12:58:15.331953 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 41300, win 4380, length 0
    12:58:15.332120 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3053, win 513, length 1460
    12:58:15.332148 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 3053, win 513, length 43
    12:58:15.334740 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 44220, win 4380, length 0
    12:58:15.340753 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 46750, win 4380, length 0
    12:58:15.345012 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 49670, win 4380, length 0
    12:58:15.347078 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 51173, win 4380, length 0
    12:58:17.352806 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [P.], ack 51173, win 4380, length 763
    12:58:17.353017 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3816, win 507, length 0
    12:58:17.494279 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3816, win 513, length 1460
    12:58:17.494318 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3816, win 513, length 1460
    12:58:17.494343 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3816, win 513, length 1460
    12:58:17.494366 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3816, win 513, length 1460
    12:58:17.494387 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3816, win 513, length 1460
    12:58:17.494409 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 3816, win 513, length 1070
    12:58:17.495086 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3816, win 513, length 1460
    12:58:17.495143 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3816, win 513, length 1460
    12:58:17.495168 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3816, win 513, length 1460
    12:58:17.495187 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 3816, win 513, length 43
    12:58:17.499396 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 54093, win 4380, length 0
    12:58:17.505637 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 57013, win 4380, length 0
    12:58:17.511538 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 59543, win 4380, length 0
    12:58:17.512097 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 62463, win 4380, length 0
    12:58:17.516183 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 63966, win 4380, length 0
    12:58:19.522338 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [P.], ack 63966, win 4380, length 763
    12:58:19.522532 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 4579, win 507, length 0
    12:58:19.659552 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 4579, win 513, length 1460
    12:58:19.659597 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 4579, win 513, length 1460
    12:58:19.659623 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 4579, win 513, length 1460
    12:58:19.659644 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 4579, win 513, length 1460
    12:58:19.659665 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 4579, win 513, length 1460
    12:58:19.659687 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 4579, win 513, length 1070
    12:58:19.660252 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 4579, win 513, length 1460
    12:58:19.660286 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 4579, win 513, length 1460
    12:58:19.660310 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 4579, win 513, length 1460
    12:58:19.660329 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 4579, win 513, length 38
    12:58:19.665398 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 4579, win 513, length 5
    12:58:19.666263 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 66886, win 4380, length 0
    12:58:19.668849 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 69806, win 4380, length 0
    12:58:19.677936 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 72336, win 4380, length 0
    12:58:19.680184 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 75256, win 4380, length 0
    12:58:19.681137 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 76754, win 4380, length 0
    12:58:19.883162 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 76759, win 4378, length 0
    12:58:21.686017 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [P.], ack 76759, win 4378, length 763
    12:58:21.686212 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 5342, win 507, length 0
    12:58:21.827540 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 5342, win 513, length 1460
    12:58:21.827576 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 5342, win 513, length 1460
    12:58:21.827603 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 5342, win 513, length 1460
    12:58:21.827624 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 5342, win 513, length 1460
    12:58:21.827645 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 5342, win 513, length 1460
    12:58:21.827667 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 5342, win 513, length 1070
    12:58:21.828327 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 5342, win 513, length 1460
    12:58:21.828383 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 5342, win 513, length 1460
    12:58:21.828430 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 5342, win 513, length 1460
    12:58:21.828450 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 5342, win 513, length 43
    12:58:21.836238 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 79679, win 4380, length 0
    12:58:21.837172 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 82599, win 4380, length 0
    12:58:21.844750 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 85129, win 4380, length 0
    12:58:21.847214 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 88049, win 4380, length 0
    12:58:21.848813 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 89552, win 4380, length 0
    12:58:23.854168 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [P.], ack 89552, win 4380, length 763
    12:58:23.854345 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6105, win 507, length 0
    12:58:23.996376 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6105, win 513, length 1460
    12:58:23.996416 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6105, win 513, length 1460
    12:58:23.996446 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6105, win 513, length 1460
    12:58:23.996467 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6105, win 513, length 1460
    12:58:23.996488 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6105, win 513, length 1460
    12:58:23.996510 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 6105, win 513, length 1070
    12:58:23.997733 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6105, win 513, length 1460
    12:58:23.997816 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6105, win 513, length 1460
    12:58:23.997842 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6105, win 513, length 1460
    12:58:23.997862 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 6105, win 513, length 43
    12:58:24.001467 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 92472, win 4380, length 0
    12:58:24.007193 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 95392, win 4380, length 0
    12:58:24.010677 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 97922, win 4380, length 0
    12:58:24.016996 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 100842, win 4380, length 0
    12:58:24.018631 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 102345, win 4380, length 0
    12:58:26.024364 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [P.], ack 102345, win 4380, length 763
    12:58:26.024553 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6868, win 507, length 0
    12:58:26.161181 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6868, win 513, length 1460
    12:58:26.161218 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6868, win 513, length 1460
    12:58:26.161244 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6868, win 513, length 1460
    12:58:26.161265 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6868, win 513, length 1460
    12:58:26.161285 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6868, win 513, length 1460
    12:58:26.161307 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 6868, win 513, length 1070
    12:58:26.161895 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6868, win 513, length 1460
    12:58:26.161924 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6868, win 513, length 1460
    12:58:26.161946 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6868, win 513, length 1460
    12:58:26.161966 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 6868, win 513, length 38
    12:58:26.167130 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 6868, win 513, length 5
    12:58:26.169842 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 105265, win 4380, length 0
    12:58:26.173930 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 108185, win 4380, length 0
    12:58:26.175105 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 110715, win 4380, length 0
    12:58:26.182923 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 113635, win 4380, length 0
    12:58:26.184124 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 115133, win 4380, length 0
    12:58:26.381831 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 115138, win 4378, length 0

    0

  • parece trafego da sua maquina para a interface do pfsense.

    0
  • M

    @marcelloc:

    parece trafego da sua maquina para a interface do pfsense.

    Certo, o que mais eu poderia fazer?

    0

  • @marcelo:

    Certo, o que mais eu poderia fazer?

    Conseguir identificar via tcpdump o trafego quando a maquina solicita o site externo.

    0
  • M

    @marcelloc:

    @marcelo:

    Certo, o que mais eu poderia fazer?

    Conseguir identificar via tcpdump o trafego quando a maquina solicita o site externo.

    Eu fiz isso justamente neste tcpdump. Quando digito o tcdump no pfsense, eu já faço a tentativa de acesso ao site.

    0
  • M

    Pessoal, ainda não consegui fazer rodar, queria uma dica sobre isso, como poderia fazer para rodar certo sem que o pfsense tivesse os Ips internos das minhas redes, não poderiam ser 10.2.2.xx e nem 192.168.xx.xx, o que me recomendaria adicionar na Wan e na LAN do pfsense para rodar certinho a web e as máquinas de clientes.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy