Ip fixo Wan e Ip fixo Lan



  • Olá pessoal, tudo bem?

    Estou com um problema aqui na minha empresa, segue o caso.

    Tenho que usar na loja da empresa um sistema para acesso a Smartphones, Tablets ou mesmo Notebook. Decidi usar o captive portal no pfsense, até aí tudo beleza, porém agora vem a melhor parte. Já possuímos um firewall que faz todo o nosso gerenciamento de acesso e monitoramento. Porém esta máquina que possuirá o captive portal, ficará somente na loja e somente para acesso a web, então foi criado um apelido em nosso firewall principal com o IP: 129.80.30.1/24, fiz as configurações na Wan: 129.80.30.2/24 GW:129.80.30.1/24, até aí blz, fiz um ping e já está acessando externamente, mas a lan adicionei o ip: 129.100.29.2/24 gw: 129.80.30.2/24 porém não está pingando externamente e o captive portal não está funcionando. Lembrando que esta faixa de ip é totalmente diferente da minha rede, que por segurança, não queremos que passe informações pela nossa rede interna.

    Fico no aguardo de uma resposta. Att.



  • Desta forma não vai funcionar.

    O cAptive portal precisa estar no Caminho de acesso a internet e não paralelo a ela.



  • Olá,
    até posso concordar contigo, porém o firewall que setamos os endereços de IP, redireciona todo o acesso para a banda larga, agora chegue a fazer funcionar, mas funciona apenas se colocar no browser o endereço de IP de um site qualquer, daí ele puxa as informações do captive portal. Minha dúvida, como faço para que ele resolva os nomes que digito no browser.



  • Pessoal,

    O que vocês me indicam para resolver o meu problema.??



  • @marcelo:

    como faço para que ele resolva os nomes que digito no browser.

    ele quem????

    ( ) pfsense
    ( ) captive portal
    ( ) browser do cliente



  • O que quero fazer é resolver o problema em questão, que o captive portal acesse nas máquinas dos clientes e que ele saia pela regra estabelecida pelo firewall. A minha WAN que possui o IP: 129.80.30.2/24 etá pingando, porém a LAN agora com o IP: 129.100.30.2/24 está pingando, o problema é que ele não consegue resolver os nomes DNS, visto que se atribuir um endereço de ip de um site ele abre a tela do captive portal, já atribuindo apenas o nome do site ele nem abre o captive portal, o que poderia fazer para que os serviços funcionem. Podem sugerir alguma idéia.?



  • @marcelo:

    o problema é que ele não consegue resolver os nomes DNS

    Seu dns esta fora da rede? já tentou apontar o dns para o pfsense ou seu ad?



  • Marcelo,

    Pode me dizer como faço isso, já tentei usar o DNS Forward e não deu certo, acredito que seja haja outra opção para configurar o DNS, pode me passar algumas dicas??



  • Quem está entregando IP na sua rede?? o PFSENSE ou o firewall?

    Se for o PFSENSE, configure DHCP server apontando o DNS para o ip do seu PFSENSE, deve resolver o problema de DNS.

    Att.

    Pablo Guimarães



  • Quem está entregando o ip no Pfsense é o Firewall Segue da seguinte maneira:

    Wan: 129.80.30.2/24                                     
    129.80.30.1/24                  GW: 129.80.30.1/24                                sem ip
      Firewall–----------------------Pfsense–------------------------AP Router
                                            Lan: 129.100.30.2/24
                                            GW: 129.80.30.2/24
                                      DHCP: 129.100.30.10/24 a 129.100.30.80/24

    Situação: Pfsense,

    Ping google.com.br pela Wan, OK
    Ping google.com.br pela Lan, erro
    ping 200.180.239.23 pela Wan, OK
    ping 200.180.239.23 pela Lan, OK

    Acessando pelo pfsense desta maneira pelo browser, aparece a página do captive portal. Se digitar google.com.br dá erro de página.

    Alguém tem alguma sugestão de como resolvo isso.?



  • tem certeza que o gateway da sua lan é o ip do firewall?

    normalmente, a lan fica sem gateway.



  • @marcelloc:

    tem certeza que o gateway da sua lan é o ip do firewall?

    normalmente, a lan fica sem gateway.

    Adicionado da seguinte maneira:

    Wan: 129.80.30.2/24                                     
    129.80.30.1/24                  GW: 129.80.30.1/24                          sem ip
      Firewall–----------------------Pfsense--------------------------AP Router
                                            Lan: 129.100.29.2/24
                                            GW: none
                                      DHCP: 129.100.30.10/24 a 129.100.30.80/24

    Adicionei em General Setup os DNS Servers:

    200.199.252.68  WAN
    200.199.241.17  WAN
    8.8.8.8              WAN

    Deixei habilitado as duas opções abaixo do DNS Server

    Em DHCP Server na LAN

    Range: 129.100.29.10 t 129.100.29.200

    DNS server: 129.100.29.2
    Gateway: 129.100.29.2

    Resultado:

    Ping bol.com.br pela WAN--OK
    Ping bol.com.br pela LAN--OK

    Nas máquinas clientes, não navega, nem mesmo desabilitando o Captive Portal, não funciona. A configuração que pega as maquinas está da seguinte maneira:

    Endereço de IPV4: 129.100.29.10
    Máscara de Sub-rede: 255.255.255.0
    Gateway Padrão: 129.100.29.2
    Servidor DHCP: 129.100.29.2
    Servidor DNS: 129.100.29.2

    Alguém pode me dizer o que está havendo para que ele não funcione corretamente, está bem complicado.



  • @marcelo:

    Já possuímos um firewall que faz todo o nosso gerenciamento de acesso e monitoramento.

    Depois de conferir seus nats de saída (firewall -> nat -> outbound), os proximos passos são usar o tcpdump e analisar as regras de liberação e bloqueio dos dois firewalls.



  • @marcelloc:

    @marcelo:

    Já possuímos um firewall que faz todo o nosso gerenciamento de acesso e monitoramento.

    Depois de conferir seus nats de saída (firewall -> nat -> outbound), os proximos passos são usar o tcpdump e analisar as regras de liberação e bloqueio dos dois firewalls.

    O nat deixei habilitado a opção automática. Utilizei o tcpdump para buscar as devidas informações sobre o problema, segue:

    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on vr0, link-type EN10MB (Ethernet), capture size 96 bytes
    11:54:17.015161 IP pfsense.localdomain.ssh > elf-0005.localdomain.51748: Flags [P.], ack 2127699073, win 513, length 52
    11:54:17.015353 IP pfsense.localdomain.ssh > elf-0005.localdomain.51748: Flags [P.], ack 1, win 513, length 196
    11:54:17.018095 IP elf-0005.localdomain.51748 > pfsense.localdomain.ssh: Flags [.], ack 248, win 432, length 0
    11:54:17.134935 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 114437472, win 4101, length 0
    11:54:17.504795 IP elf-0005.localdomain.netbios-ns > 10.2.2.39.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; UNICAST
    11:54:17.973237 IP elf-0005.localdomain.63529 > 10.2.2.223.snmp:  C=internal GetRequest(29)  43.5.1.1.2.1
    11:54:18.017184 IP pfsense.localdomain.ssh > elf-0005.localdomain.51748: Flags [P.], ack 1, win 513, length 628
    11:54:18.219769 IP elf-0005.localdomain.51748 > pfsense.localdomain.ssh: Flags [.], ack 876, win 429, length 0
    11:54:18.255672 IP elf-0005.localdomain.55133 > pfsense.localdomain.domain: 60232+ A? talk.google.com. (33)
    11:54:18.945823 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [P.], ack 1, win 4101, length 763
    11:54:18.946006 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 763, win 507, length 0
    11:54:19.004961 IP elf-0005.localdomain.netbios-ns > 10.2.2.39.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; UNICAST
    11:54:19.087744 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 763, win 513, length 1460
    11:54:19.087780 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 763, win 513, length 1460
    11:54:19.087804 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 763, win 513, length 1460
    11:54:19.087826 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 763, win 513, length 1460
    11:54:19.087846 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 763, win 513, length 1460
    11:54:19.087867 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [P.], ack 763, win 513, length 1070
    11:54:19.094465 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 2921, win 4380, length 0
    11:54:19.094632 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 763, win 513, length 1460
    11:54:19.094662 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 763, win 513, length 1460
    11:54:19.094687 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 763, win 513, length 1460
    11:54:19.094707 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [P.], ack 763, win 513, length 43
    11:54:19.100029 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 5841, win 4380, length 0
    11:54:19.100562 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 8371, win 4380, length 0
    11:54:19.106524 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 11291, win 4380, length 0
    11:54:19.108229 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 12794, win 4380, length 0
    11:54:19.515299 IP elf-0005.localdomain.51937 > 10.2.2.65.5055: Flags [s], seq 1394016014, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
    11:54:19.516434 IP elf-0005.localdomain.51938 > 10.2.2.64.5054: Flags [s], seq 2762473566, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
    11:54:19.517583 IP elf-0005.localdomain.51939 > 10.2.2.63.5053: Flags [s], seq 1287206207, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
    11:54:19.518550 IP elf-0005.localdomain.51940 > 10.2.2.61.5051: Flags [s], seq 1962454065, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
    11:54:19.851286 IP6 fe80::7d49:51c9:3e5:f0b1.dhcpv6-client > ff02::1:2.dhcpv6-server: dhcp6 solicit
    11:54:19.973405 IP elf-0005.localdomain.63530 > 10.2.2.223.snmp:  C=internal GetRequest(29)  43.5.1.1.2.1
    11:54:20.258180 IP elf-0005.localdomain.netbios-ns > 129.100.29.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
    11:54:20.440340 IP elf-0005.localdomain.61097 > pfsense.localdomain.domain: 63887+ A? bol.com.br. (28)
    11:54:20.546029 IP elf-0005.localdomain.61150 > pfsense.localdomain.domain: 10612+ A? isatap.maquina.local. (36)
    11:54:21.007017 IP elf-0005.localdomain.netbios-ns > 129.100.29.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
    11:54:21.113772 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [P.], ack 12794, win 4380, length 763
    11:54:21.113962 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 1526, win 507, length 0
    11:54:21.249958 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 1526, win 513, length 1460
    11:54:21.249995 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 1526, win 513, length 1460
    11:54:21.250017 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 1526, win 513, length 1460
    11:54:21.250038 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 1526, win 513, length 1460
    11:54:21.250109 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 1526, win 513, length 1460
    11:54:21.250134 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [P.], ack 1526, win 513, length 1070
    11:54:21.250682 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 1526, win 513, length 1460
    11:54:21.250714 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 1526, win 513, length 1460
    11:54:21.258137 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 15714, win 4380, length 0
    11:54:21.258347 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 1526, win 513, length 1460
    11:54:21.258375 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [P.], ack 1526, win 513, length 43
    11:54:21.259033 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 18634, win 4380, length 0
    11:54:21.265219 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 21164, win 4380, length 0
    11:54:21.269256 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 24084, win 4380, length 0
    11:54:21.271159 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 25587, win 4380, length 0
    11:54:21.440258 IP elf-0005.localdomain.61097 > pfsense.localdomain.domain: 63887+ A? bol.com.br. (28)
    11:54:21.546215 IP elf-0005.localdomain.61150 > pfsense.localdomain.domain: 10612+ A? isatap.maquina.local. (36)
    11:54:21.757059 IP elf-0005.localdomain.netbios-ns > 129.100.29.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
    11:54:21.974123 IP elf-0005.localdomain.61151 > 10.2.2.223.snmp:  C=internal SetRequest(471)  E:2435.2.3.9.2.11.1.1.0=[|snmp]
    11:54:22.256323 IP elf-0005.localdomain.55133 > pfsense.localdomain.domain: 60232+ A? talk.google.com. (33)
    11:54:22.440066 IP elf-0005.localdomain.61097 > pfsense.localdomain.domain: 63887+ A? bol.com.br. (28)
    11:54:22.513267 IP elf-0005.localdomain.51938 > 10.2.2.64.5054: Flags [s], seq 2762473566, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
    11:54:22.515010 IP elf-0005.localdomain.61966 > pfsense.localdomain.domain: 42440+ A? talk.google.com. (33)
    11:54:22.515934 IP elf-0005.localdomain.51937 > 10.2.2.65.5055: Flags [s], seq 1394016014, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
    11:54:22.517031 IP elf-0005.localdomain.51939 > 10.2.2.63.5053: Flags [s], seq 1287206207, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
    11:54:22.517689 IP elf-0005.localdomain.51940 > 10.2.2.61.5051: Flags [s], seq 1962454065, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
    11:54:22.546261 IP elf-0005.localdomain.61150 > pfsense.localdomain.domain: 10612+ A? isatap.maquina.local. (36)
    11:54:23.276871 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [P.], ack 25587, win 4380, length 763
    11:54:23.277031 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 2289, win 507, length 0
    11:54:23.279935 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [P.], ack 25587, win 4380, length 763
    11:54:23.280136 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 2289, win 513, length 0
    11:54:23.345388 IP elf-0005.localdomain.63528 > pfsense.localdomain.domain: 46260+ SOA? elf-0005.maquina.local. (38)
    11:54:23.418525 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 2289, win 513, length 1460
    11:54:23.418562 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 2289, win 513, length 1460
    11:54:23.418587 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 2289, win 513, length 1460
    11:54:23.418607 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 2289, win 513, length 1460
    11:54:23.418628 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 2289, win 513, length 1460
    11:54:23.418651 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [P.], ack 2289, win 513, length 1070
    11:54:23.419306 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 2289, win 513, length 1460
    11:54:23.419340 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 2289, win 513, length 1460
    11:54:23.419409 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 2289, win 513, length 1460
    11:54:23.419429 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [P.], ack 2289, win 513, length 43
    11:54:23.423448 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 28507, win 4380, length 0
    11:54:23.429586 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 31427, win 4380, length 0
    11:54:23.432085 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 33957, win 4380, length 0
    11:54:23.438770 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 36877, win 4380, length 0
    11:54:23.440350 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 38380, win 4380, length 0
    11:54:23.515182 IP elf-0005.localdomain.61966 > pfsense.localdomain.domain: 42440+ A? talk.google.com. (33)
    11:54:24.186569 IP pfsense.localdomain.ssh > elf-0005.localdomain.51748: Flags [P.], ack 1, win 513, length 164
    11:54:24.388416 IP elf-0005.localdomain.51748 > pfsense.localdomain.ssh: Flags [.], ack 1040, win 428, length 0
    11:54:24.440341 IP elf-0005.localdomain.61097 > pfsense.localdomain.domain: 63887+ A? bol.com.br. (28)
    11:54:24.515313 IP elf-0005.localdomain.61966 > pfsense.localdomain.domain: 42440+ A? talk.google.com. (33)
    11:54:24.546419 IP elf-0005.localdomain.61150 > pfsense.localdomain.domain: 10612+ A? isatap.maquina.local. (36)
    11:54:24.974239 IP elf-0005.localdomain.61967 > 10.2.2.223.snmp:  C=internal SetRequest(471)  E:2435.2.3.9.2.11.1.1.0=[|snmp]
    11:54:25.446122 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [P.], ack 38380, win 4380, length 763
    11:54:25.446301 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3052, win 507, length 0
    11:54:25.587203 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3052, win 513, length 1460
    11:54:25.587243 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3052, win 513, length 1460
    11:54:25.587266 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3052, win 513, length 1460
    11:54:25.587286 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3052, win 513, length 1460
    11:54:25.587306 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3052, win 513, length 1460
    11:54:25.587328 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [P.], ack 3052, win 513, length 1070
    11:54:25.587982 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3052, win 513, length 1460
    11:54:25.588012 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3052, win 513, length 1460
    11:54:25.588058 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3052, win 513, length 1460
    11:54:25.588081 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [P.], ack 3052, win 513, length 43
    11:54:25.593785 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 41300, win 4380, length 0
    11:54:25.596446 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 44220, win 4380, length 0
    11:54:25.605919 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 46750, win 4380, length 0
    11:54:25.607590 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 49670, win 4380, length 0
    11:54:25.608886 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 51173, win 4380, length 0
    11:54:26.268720 IP elf-0005.localdomain.netbios-ns > 129.100.29.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
    11:54:26.581663 IP elf-0005.localdomain.59970 > pfsense.localdomain.domain: 20048+ A? bol.com.br. (28)
    11:54:26.582471 IP elf-0005.localdomain.61966 > pfsense.localdomain.domain: 42440+ A? talk.google.com. (33)
    11:54:27.006813 IP elf-0005.localdomain.netbios-ns > 129.100.29.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
    11:54:27.466719 IP elf-0005.localdomain.59970 > pfsense.localdomain.domain: 20048+ A? bol.com.br. (28)
    11:54:27.811965 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [P.], ack 51173, win 4380, length 763
    11:54:27.812134 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 507, length 0
    11:54:27.812928 IP elf-0005.localdomain.netbios-ns > 129.100.29.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
    11:54:27.953837 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
    11:54:27.953876 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
    11:54:27.953902 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
    11:54:27.953923 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
    11:54:27.953943 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
    11:54:27.953965 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [P.], ack 3815, win 513, length 1070
    11:54:27.954562 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
    11:54:27.954595 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
    11:54:27.954616 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
    11:54:27.954635 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [P.], ack 3815, win 513, length 38
    11:54:27.959723 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [P.], ack 3815, win 513, length 5
    11:54:28.226100 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
    11:54:28.482102 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 52633, win 4380, length 0
    11:54:28.482230 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
    11:54:28.482264 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
    11:54:28.483137 IP elf-0005.localdomain.59970 > pfsense.localdomain.domain: 20048+ A? bol.com.br. (28)
    11:54:28.487046 IP elf-0005.localdomain.61097 > pfsense.localdomain.domain: 63887+ A? bol.com.br. (28)
    11:54:28.487802 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 55553, win 4380, length 0
    11:54:28.487877 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
    11:54:28.487907 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
    11:54:28.487937 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
    11:54:28.510564 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 58473, win 4380, length 0
    11:54:28.510619 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
    11:54:28.510646 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 3815, win 513, length 1460
    11:54:28.510672 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [P.], ack 3815, win 513, length 1113
    11:54:28.518742 IP elf-0005.localdomain.59578 > pfsense.localdomain.domain: 15855+ A? talk.google.com. (33)
    11:54:28.525956 IP elf-0005.localdomain.51937 > 10.2.2.65.5055: Flags [s], seq 1394016014, win 8192, options [mss 1460,nop,nop,sackOK], length 0
    11:54:28.533514 IP elf-0005.localdomain.51939 > 10.2.2.63.5053: Flags [s], seq 1287206207, win 8192, options [mss 1460,nop,nop,sackOK], length 0
    11:54:28.539797 IP elf-0005.localdomain.51940 > 10.2.2.61.5051: Flags [s], seq 1962454065, win 8192, options [mss 1460,nop,nop,sackOK], length 0
    11:54:28.540584 IP elf-0005.localdomain.51938 > 10.2.2.64.5054: Flags [s], seq 2762473566, win 8192, options [mss 1460,nop,nop,sackOK], length 0
    11:54:28.541190 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 61393, win 4380, length 0
    11:54:28.542036 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 63966, win 4380, length 0
    11:54:28.546593 IP elf-0005.localdomain.61150 > pfsense.localdomain.domain: 10612+ A? isatap.maquina.local. (36)
    11:54:29.705311 IP elf-0005.localdomain.59578 > pfsense.localdomain.domain: 15855+ A? talk.google.com. (33)
    11:54:29.706161 IP elf-0005.localdomain.51941 > 10.2.2.62.5052: Flags [s], seq 1354435444, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
    11:54:30.244667 IP pfsense.localdomain.ssh > elf-0005.localdomain.51748: Flags [P.], ack 1, win 513, length 148
    11:54:30.487608 IP elf-0005.localdomain.59970 > pfsense.localdomain.domain: 20048+ A? bol.com.br. (28)
    11:54:30.515023 IP elf-0005.localdomain.59578 > pfsense.localdomain.domain: 15855+ A? talk.google.com. (33)
    11:54:30.515973 IP elf-0005.localdomain.61966 > pfsense.localdomain.domain: 42440+ A? talk.google.com. (33)
    11:54:30.546514 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [P.], ack 63966, win 4380, length 763
    11:54:30.546671 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 4578, win 507, length 0
    11:54:30.687390 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 4578, win 513, length 1460
    11:54:30.687425 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 4578, win 513, length 1460
    11:54:30.687448 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 4578, win 513, length 1460
    11:54:30.687468 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 4578, win 513, length 1460
    11:54:30.687487 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 4578, win 513, length 1460
    11:54:30.687508 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [P.], ack 4578, win 513, length 1070
    11:54:30.709115 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 66886, win 4380, length 0
    11:54:30.709274 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 4578, win 513, length 1460
    11:54:30.709305 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 4578, win 513, length 1460
    11:54:30.729263 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 69806, win 4380, length 0
    11:54:30.729334 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [.], ack 4578, win 513, length 1460
    11:54:30.729357 IP pfsense.localdomain.http > elf-0005.localdomain.51935: Flags [P.], ack 4578, win 513, length 43
    11:54:30.751282 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 72336, win 4380, length 0
    11:54:30.752293 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 75256, win 4380, length 0
    11:54:30.753026 IP elf-0005.localdomain.51935 > pfsense.localdomain.http: Flags [.], ack 76759, win 4380, length 0
    11:54:30.915690 IP pfsense.localdomain.ssh > elf-0005.localdomain.51748: Flags [P.], ack 1, win 513, length 148
    11:54:31.116015 IP elf-0005.localdomain.51748 > pfsense.localdomain.ssh: Flags [.], ack 1188, win 428, length 0
    11:54:31.245491 IP pfsense.localdomain.ssh > elf-0005.localdomain.51748: Flags [.], ack 1, win 513, length 1460
    11:54:31.453858 IP elf-0005.localdomain.51748 > pfsense.localdomain.ssh: Flags [.], ack 2648, win 422, length 0
    11:54:31.454033 IP pfsense.localdomain.ssh > elf-0005.localdomain.51748: Flags [P.], ack 1, win 513, length 1172
    11:54:31.671076 IP elf-0005.localdomain.51748 > pfsense.localdomain.ssh: Flags [.], ack 3820, win 418, length 0
    11:54:32.441598 IP elf-0005.localdomain.netbios-ns > 129.100.29.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
    11:54:32.490701 IP pfsense.localdomain.ssh > elf-0005.localdomain.51748: Flags [P.], ack 1, win 513, length 212
    11:54:32.515182 IP elf-0005.localdomain.59578 > pfsense.localdomain.domain: 15855+ A? talk.google.com. (33)
    11:54:32.516204 IP elf-0005.localdomain.51941 > 10.2.2.62.5052: Flags [s], seq 1354435444, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
    ^C11:54:32.547775 IP6 fe80::7d49:51c9:3e5:f0b1.55584 > ff02::1:3.5355: UDP, length 24
    [/s][/s][/s][/s][/s][/s][/s][/s][/s][/s][/s][/s][/s][/s]
    


  • Como os pacotes da rede atras do pfsense são traduzidos para o segundo firewall?

    O segundo firewall conhece esta rede atras do pfsense, sabe devolver os pacotes para ela????



  • @marcelloc:

    Como os pacotes da rede atras do pfsense são traduzidos para o segundo firewall?

    O segundo firewall conhece esta rede atras do pfsense, sabe devolver os pacotes para ela????

    Sim, encaminhei pra você os logs que sairam quando tentei acessar a maquina para a página do bol.com.br.



  • @marcelo:

    Sim, encaminhei pra você os logs que sairam quando tentei acessar a maquina para a página do bol.com.br.

    O que tinha visto era um pftop e não o tcpdump que está lá

    a unica comunicação que não acontece naquele tcpdump é esta

    11:54:28.525956 IP elf-0005.localdomain.51937 > 10.2.2.65.5055: Flags [ S ], seq 1394016014, win 8192, options [mss 1460,nop,nop,sackOK], length 0
    11:54:28.533514 IP elf-0005.localdomain.51939 > 10.2.2.63.5053: Flags [ S ], seq 1287206207, win 8192, options [mss 1460,nop,nop,sackOK], length 0
    11:54:28.539797 IP elf-0005.localdomain.51940 > 10.2.2.61.5051: Flags [ S ], seq 1962454065, win 8192, options [mss 1460,nop,nop,sackOK], length 0
    11:54:28.540584 IP elf-0005.localdomain.51938 > 10.2.2.64.5054: Flags [ S ], seq 2762473566, win 8192, options [mss 1460,nop,nop,sackOK], length 0

    Tente monitorar em tempo real a solicitação de dns, navegação na porta 80 para o ip do site, tente identificar em que ponto a comunicação para.

    se é na lan do pfsense, na wan ou se o pacote sai da wan com um ip de origem que o segundo firewall não sabe devolver

    sugestão de comando
    tcpdump -ni interface_lan_ou_wan_do_seu_pfsense host ip_do_servidor web

    ou para monitorar uma porta específica
    tcpdump -ni interface_lan_ou_wan_do_seu_pfsense port porta a monitorar



  • @marcelloc:

    Como os pacotes da rede atras do pfsense são traduzidos para o segundo firewall?

    O segundo firewall conhece esta rede atras do pfsense, sabe devolver os pacotes para ela????

    Sim, sem problemas, segue o tcpdump logo acima.



  • @marcelloc:

    @marcelo:

    Sim, encaminhei pra você os logs que sairam quando tentei acessar a maquina para a página do bol.com.br.

    O que tinha visto era um pftop e não o tcpdump que está lá

    a unica comunicação que não acontece naquele tcpdump é esta

    11:54:28.525956 IP elf-0005.localdomain.51937 > 10.2.2.65.5055: Flags [ S ], seq 1394016014, win 8192, options [mss 1460,nop,nop,sackOK], length 0
    11:54:28.533514 IP elf-0005.localdomain.51939 > 10.2.2.63.5053: Flags [ S ], seq 1287206207, win 8192, options [mss 1460,nop,nop,sackOK], length 0
    11:54:28.539797 IP elf-0005.localdomain.51940 > 10.2.2.61.5051: Flags [ S ], seq 1962454065, win 8192, options [mss 1460,nop,nop,sackOK], length 0
    11:54:28.540584 IP elf-0005.localdomain.51938 > 10.2.2.64.5054: Flags [ S ], seq 2762473566, win 8192, options [mss 1460,nop,nop,sackOK], length 0

    Tente monitorar em tempo real a solicitação de dns, navegação na porta 80 para o ip do site, tente identificar em que ponto a comunicação para.

    se é na lan do pfsense, na wan ou se o pacote sai da wan com um ip de origem que o segundo firewall não sabe devolver

    sugestão de comando
    tcpdump -ni interface_lan_ou_wan_do_seu_pfsense host ip_do_servidor web

    ou para monitorar uma porta específica
    tcpdump -ni interface_lan_ou_wan_do_seu_pfsense port porta a monitorar

    Segue o único que consegui capturar foi o da Lan o da Wan nem aparece:

    12:58:13.159110 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 33957, win 4380, length 0
    12:58:13.165272 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 36877, win 4380, length 0
    12:58:13.166787 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 38380, win 4380, length 0
    12:58:15.172241 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [P.], ack 38380, win 4380, length 763
    12:58:15.172399 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3053, win 507, length 0
    12:58:15.322704 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3053, win 513, length 1460
    12:58:15.322742 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3053, win 513, length 1460
    12:58:15.322767 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3053, win 513, length 1460
    12:58:15.322787 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3053, win 513, length 1460
    12:58:15.322807 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3053, win 513, length 1460
    12:58:15.322830 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 3053, win 513, length 1070
    12:58:15.323495 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3053, win 513, length 1460
    12:58:15.323552 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3053, win 513, length 1460
    12:58:15.331953 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 41300, win 4380, length 0
    12:58:15.332120 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3053, win 513, length 1460
    12:58:15.332148 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 3053, win 513, length 43
    12:58:15.334740 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 44220, win 4380, length 0
    12:58:15.340753 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 46750, win 4380, length 0
    12:58:15.345012 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 49670, win 4380, length 0
    12:58:15.347078 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 51173, win 4380, length 0
    12:58:17.352806 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [P.], ack 51173, win 4380, length 763
    12:58:17.353017 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3816, win 507, length 0
    12:58:17.494279 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3816, win 513, length 1460
    12:58:17.494318 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3816, win 513, length 1460
    12:58:17.494343 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3816, win 513, length 1460
    12:58:17.494366 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3816, win 513, length 1460
    12:58:17.494387 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3816, win 513, length 1460
    12:58:17.494409 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 3816, win 513, length 1070
    12:58:17.495086 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3816, win 513, length 1460
    12:58:17.495143 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3816, win 513, length 1460
    12:58:17.495168 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 3816, win 513, length 1460
    12:58:17.495187 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 3816, win 513, length 43
    12:58:17.499396 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 54093, win 4380, length 0
    12:58:17.505637 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 57013, win 4380, length 0
    12:58:17.511538 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 59543, win 4380, length 0
    12:58:17.512097 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 62463, win 4380, length 0
    12:58:17.516183 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 63966, win 4380, length 0
    12:58:19.522338 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [P.], ack 63966, win 4380, length 763
    12:58:19.522532 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 4579, win 507, length 0
    12:58:19.659552 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 4579, win 513, length 1460
    12:58:19.659597 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 4579, win 513, length 1460
    12:58:19.659623 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 4579, win 513, length 1460
    12:58:19.659644 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 4579, win 513, length 1460
    12:58:19.659665 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 4579, win 513, length 1460
    12:58:19.659687 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 4579, win 513, length 1070
    12:58:19.660252 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 4579, win 513, length 1460
    12:58:19.660286 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 4579, win 513, length 1460
    12:58:19.660310 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 4579, win 513, length 1460
    12:58:19.660329 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 4579, win 513, length 38
    12:58:19.665398 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 4579, win 513, length 5
    12:58:19.666263 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 66886, win 4380, length 0
    12:58:19.668849 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 69806, win 4380, length 0
    12:58:19.677936 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 72336, win 4380, length 0
    12:58:19.680184 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 75256, win 4380, length 0
    12:58:19.681137 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 76754, win 4380, length 0
    12:58:19.883162 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 76759, win 4378, length 0
    12:58:21.686017 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [P.], ack 76759, win 4378, length 763
    12:58:21.686212 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 5342, win 507, length 0
    12:58:21.827540 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 5342, win 513, length 1460
    12:58:21.827576 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 5342, win 513, length 1460
    12:58:21.827603 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 5342, win 513, length 1460
    12:58:21.827624 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 5342, win 513, length 1460
    12:58:21.827645 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 5342, win 513, length 1460
    12:58:21.827667 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 5342, win 513, length 1070
    12:58:21.828327 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 5342, win 513, length 1460
    12:58:21.828383 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 5342, win 513, length 1460
    12:58:21.828430 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 5342, win 513, length 1460
    12:58:21.828450 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 5342, win 513, length 43
    12:58:21.836238 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 79679, win 4380, length 0
    12:58:21.837172 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 82599, win 4380, length 0
    12:58:21.844750 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 85129, win 4380, length 0
    12:58:21.847214 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 88049, win 4380, length 0
    12:58:21.848813 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 89552, win 4380, length 0
    12:58:23.854168 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [P.], ack 89552, win 4380, length 763
    12:58:23.854345 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6105, win 507, length 0
    12:58:23.996376 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6105, win 513, length 1460
    12:58:23.996416 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6105, win 513, length 1460
    12:58:23.996446 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6105, win 513, length 1460
    12:58:23.996467 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6105, win 513, length 1460
    12:58:23.996488 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6105, win 513, length 1460
    12:58:23.996510 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 6105, win 513, length 1070
    12:58:23.997733 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6105, win 513, length 1460
    12:58:23.997816 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6105, win 513, length 1460
    12:58:23.997842 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6105, win 513, length 1460
    12:58:23.997862 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 6105, win 513, length 43
    12:58:24.001467 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 92472, win 4380, length 0
    12:58:24.007193 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 95392, win 4380, length 0
    12:58:24.010677 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 97922, win 4380, length 0
    12:58:24.016996 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 100842, win 4380, length 0
    12:58:24.018631 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 102345, win 4380, length 0
    12:58:26.024364 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [P.], ack 102345, win 4380, length 763
    12:58:26.024553 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6868, win 507, length 0
    12:58:26.161181 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6868, win 513, length 1460
    12:58:26.161218 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6868, win 513, length 1460
    12:58:26.161244 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6868, win 513, length 1460
    12:58:26.161265 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6868, win 513, length 1460
    12:58:26.161285 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6868, win 513, length 1460
    12:58:26.161307 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 6868, win 513, length 1070
    12:58:26.161895 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6868, win 513, length 1460
    12:58:26.161924 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6868, win 513, length 1460
    12:58:26.161946 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [.], ack 6868, win 513, length 1460
    12:58:26.161966 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 6868, win 513, length 38
    12:58:26.167130 IP 129.100.29.2.80 > 129.100.29.10.53572: Flags [P.], ack 6868, win 513, length 5
    12:58:26.169842 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 105265, win 4380, length 0
    12:58:26.173930 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 108185, win 4380, length 0
    12:58:26.175105 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 110715, win 4380, length 0
    12:58:26.182923 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 113635, win 4380, length 0
    12:58:26.184124 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 115133, win 4380, length 0
    12:58:26.381831 IP 129.100.29.10.53572 > 129.100.29.2.80: Flags [.], ack 115138, win 4378, length 0



  • parece trafego da sua maquina para a interface do pfsense.



  • @marcelloc:

    parece trafego da sua maquina para a interface do pfsense.

    Certo, o que mais eu poderia fazer?



  • @marcelo:

    Certo, o que mais eu poderia fazer?

    Conseguir identificar via tcpdump o trafego quando a maquina solicita o site externo.



  • @marcelloc:

    @marcelo:

    Certo, o que mais eu poderia fazer?

    Conseguir identificar via tcpdump o trafego quando a maquina solicita o site externo.

    Eu fiz isso justamente neste tcpdump. Quando digito o tcdump no pfsense, eu já faço a tentativa de acesso ao site.



  • Pessoal, ainda não consegui fazer rodar, queria uma dica sobre isso, como poderia fazer para rodar certo sem que o pfsense tivesse os Ips internos das minhas redes, não poderiam ser 10.2.2.xx e nem 192.168.xx.xx, o que me recomendaria adicionar na Wan e na LAN do pfsense para rodar certinho a web e as máquinas de clientes.


Locked