Rules are there but can't ping/access webGui ithe pfsense from WAN
-
Hi there!
All was fine, i was connected to my remote network through OpenVPN in pfsense.
I had access to WebGUI, could ping etc..
I changed nothing, went to drink a cup of tea, and suddenly I was cut.Can't ping from outside, nothing, webgui also doesn't work….
My rules (attach 1)
I put log on those rules (attach 2)
According to the logs, packets(proto TCP ICMP) are passed in. However, no reply??
What am I doing wrong in here?Fortunately I have access from local interface, and here are screenshots done through the teamviewer.
Please, I need some hints.
Thanks
-
You probably don't want 80-443 in a rule, that's 80 through 443 inclusive. Probably either want a ports alias instead containing 80 and 443, or two separate rules.
That looks correct, and the traffic is getting there since it's logged as passed. Packet capture on WAN and try to ping, see what you get.
-
Thanks for reply, cmb.
I put two different rules for 80 and 443. Same thing.
Here is the packet capture result. I did at the same time
https://mysite
http://mysite
ping mysiteI captured packets having src/dst address of my home router.
h.h.h.h for the home
r.r.r.r for remote16:29:02.381824 IP h.h.h.h > r.r.r.r: ICMP echo request, id 1, seq 354, length 40 16:29:02.381856 IP r.r.r.r > h.h.h.h: ICMP echo reply, id 1, seq 354, length 40 16:29:04.073833 IP h.h.h.h.12057 > r.r.r.r.45954: UDP, length 28 16:29:04.075497 IP h.h.h.h.12057 > r.r.r.r.25653: UDP, length 28 16:29:04.076589 IP h.h.h.h.12057 > r.r.r.r.53466: UDP, length 28 16:29:04.077851 IP h.h.h.h.12057 > r.r.r.r.63584: UDP, length 28 16:29:04.079222 IP h.h.h.h.12057 > r.r.r.r.11421: UDP, length 28 16:29:04.080918 IP h.h.h.h.12057 > r.r.r.r.63585: UDP, length 28 16:29:04.082164 IP h.h.h.h.12057 > r.r.r.r.63586: UDP, length 28 16:29:04.083414 IP h.h.h.h.12057 > r.r.r.r.63587: UDP, length 28 16:29:04.084508 IP h.h.h.h.12057 > r.r.r.r.63588: UDP, length 28 16:29:04.086541 IP h.h.h.h.12057 > r.r.r.r.63589: UDP, length 28 16:29:04.087630 IP h.h.h.h.12057 > r.r.r.r.63590: UDP, length 28 16:29:04.171826 IP r.r.r.r.49611 > h.h.h.h.12057: UDP, length 28 16:29:04.274714 IP h.h.h.h.12057 > r.r.r.r.45954: UDP, length 28 16:29:04.277368 IP h.h.h.h.12057 > r.r.r.r.25653: UDP, length 28 16:29:04.278461 IP h.h.h.h.12057 > r.r.r.r.53466: UDP, length 28 16:29:04.280177 IP h.h.h.h.12057 > r.r.r.r.63584: UDP, length 28 16:29:04.281425 IP h.h.h.h.12057 > r.r.r.r.11421: UDP, length 28 16:29:04.282676 IP h.h.h.h.12057 > r.r.r.r.63585: UDP, length 28 16:29:04.283614 IP h.h.h.h.12057 > r.r.r.r.63586: UDP, length 28 16:29:04.285657 IP h.h.h.h.12057 > r.r.r.r.63587: UDP, length 28 16:29:04.286594 IP h.h.h.h.12057 > r.r.r.r.63588: UDP, length 28 16:29:04.287843 IP h.h.h.h.12057 > r.r.r.r.63589: UDP, length 28 16:29:04.289093 IP h.h.h.h.12057 > r.r.r.r.63590: UDP, length 28 16:29:04.373088 IP r.r.r.r.49611 > h.h.h.h.12057: UDP, length 28 16:29:04.624922 IP h.h.h.h.12057 > r.r.r.r.45954: UDP, length 28 16:29:04.627421 IP h.h.h.h.12057 > r.r.r.r.25653: UDP, length 28 16:29:04.628357 IP h.h.h.h.12057 > r.r.r.r.53466: UDP, length 28 16:29:04.630544 IP h.h.h.h.12057 > r.r.r.r.63584: UDP, length 28 16:29:04.631633 IP h.h.h.h.12057 > r.r.r.r.11421: UDP, length 28 16:29:04.632728 IP h.h.h.h.12057 > r.r.r.r.63585: UDP, length 28 16:29:04.633976 IP h.h.h.h.12057 > r.r.r.r.63586: UDP, length 28 16:29:04.635695 IP h.h.h.h.12057 > r.r.r.r.63587: UDP, length 28 16:29:04.636944 IP h.h.h.h.12057 > r.r.r.r.63588: UDP, length 28 16:29:04.638193 IP h.h.h.h.12057 > r.r.r.r.63589: UDP, length 28 16:29:04.639442 IP h.h.h.h.12057 > r.r.r.r.63590: UDP, length 28 16:29:04.786071 IP r.r.r.r.49611 > h.h.h.h.12057: UDP, length 28 16:29:05.125000 IP h.h.h.h.12057 > r.r.r.r.45954: UDP, length 28 16:29:05.126092 IP h.h.h.h.12057 > r.r.r.r.25653: UDP, length 28 16:29:05.127342 IP h.h.h.h.12057 > r.r.r.r.53466: UDP, length 28 16:29:05.128903 IP h.h.h.h.12057 > r.r.r.r.63584: UDP, length 28 16:29:05.130152 IP h.h.h.h.12057 > r.r.r.r.11421: UDP, length 28 16:29:05.131557 IP h.h.h.h.12057 > r.r.r.r.63585: UDP, length 28 16:29:05.132650 IP h.h.h.h.12057 > r.r.r.r.63586: UDP, length 28 16:29:05.134367 IP h.h.h.h.12057 > r.r.r.r.63587: UDP, length 28 16:29:05.135616 IP h.h.h.h.12057 > r.r.r.r.63588: UDP, length 28 16:29:05.137333 IP h.h.h.h.12057 > r.r.r.r.63589: UDP, length 28 16:29:05.138582 IP h.h.h.h.12057 > r.r.r.r.63590: UDP, length 28 16:29:05.595875 IP r.r.r.r.49611 > h.h.h.h.12057: UDP, length 28 16:29:05.820631 IP h.h.h.h.26253 > r.r.r.r.80: tcp 0 16:29:05.820676 IP r.r.r.r.80 > h.h.h.h.26253: tcp 0 16:29:05.822801 IP h.h.h.h.26254 > r.r.r.r.80: tcp 0 16:29:05.822838 IP r.r.r.r.80 > h.h.h.h.26254: tcp 0 16:29:06.070461 IP h.h.h.h.26258 > r.r.r.r.80: tcp 0 16:29:06.070501 IP r.r.r.r.80 > h.h.h.h.26258: tcp 0 16:29:06.755812 IP h.h.h.h.12057 > r.r.r.r.45954: UDP, length 28 16:29:06.757998 IP h.h.h.h.12057 > r.r.r.r.25653: UDP, length 28 16:29:06.760598 IP h.h.h.h.12057 > r.r.r.r.53466: UDP, length 28 16:29:06.761715 IP h.h.h.h.12057 > r.r.r.r.63584: UDP, length 28 16:29:06.762949 IP h.h.h.h.12057 > r.r.r.r.11421: UDP, length 28 16:29:06.764273 IP h.h.h.h.12057 > r.r.r.r.63585: UDP, length 28 16:29:06.765222 IP h.h.h.h.12057 > r.r.r.r.63586: UDP, length 28 16:29:06.766455 IP h.h.h.h.12057 > r.r.r.r.63587: UDP, length 28 16:29:06.767704 IP h.h.h.h.12057 > r.r.r.r.63588: UDP, length 28 16:29:06.769265 IP h.h.h.h.12057 > r.r.r.r.63589: UDP, length 28 16:29:06.770672 IP h.h.h.h.12057 > r.r.r.r.63590: UDP, length 28 16:29:07.196884 IP r.r.r.r.49611 > h.h.h.h.12057: UDP, length 28 16:29:07.347383 IP h.h.h.h > r.r.r.r: ICMP echo request, id 1, seq 355, length 40 16:29:07.347400 IP r.r.r.r > h.h.h.h: ICMP echo reply, id 1, seq 355, length 40 16:29:08.822444 IP h.h.h.h.26253 > r.r.r.r.80: tcp 0 16:29:08.822465 IP r.r.r.r.80 > h.h.h.h.26253: tcp 0 16:29:08.827627 IP h.h.h.h.26254 > r.r.r.r.80: tcp 0 16:29:08.827646 IP r.r.r.r.80 > h.h.h.h.26254: tcp 0 16:29:09.077843 IP h.h.h.h.26258 > r.r.r.r.80: tcp 0 16:29:09.077867 IP r.r.r.r.80 > h.h.h.h.26258: tcp 0 16:29:09.962946 IP h.h.h.h.12057 > r.r.r.r.45954: UDP, length 28 16:29:09.972621 IP h.h.h.h.12057 > r.r.r.r.25653: UDP, length 28 16:29:09.973714 IP h.h.h.h.12057 > r.r.r.r.53466: UDP, length 28 16:29:09.974964 IP h.h.h.h.12057 > r.r.r.r.63584: UDP, length 28 16:29:09.976682 IP h.h.h.h.12057 > r.r.r.r.11421: UDP, length 28 16:29:09.978086 IP h.h.h.h.12057 > r.r.r.r.63585: UDP, length 28 16:29:09.979179 IP h.h.h.h.12057 > r.r.r.r.63586: UDP, length 28 16:29:09.980429 IP h.h.h.h.12057 > r.r.r.r.63587: UDP, length 28 16:29:09.982146 IP h.h.h.h.12057 > r.r.r.r.63588: UDP, length 28 16:29:09.983413 IP h.h.h.h.12057 > r.r.r.r.63589: UDP, length 28 16:29:09.985271 IP h.h.h.h.12057 > r.r.r.r.63590: UDP, length 28 16:29:10.422209 IP r.r.r.r.49611 > h.h.h.h.12057: UDP, length 28 16:29:11.921894 IP r.r.r.r.80 > h.h.h.h.26253: tcp 0 16:29:11.926976 IP r.r.r.r.80 > h.h.h.h.26254: tcp 0 16:29:12.177057 IP r.r.r.r.80 > h.h.h.h.26258: tcp 0 16:29:12.331533 IP h.h.h.h.26276 > r.r.r.r.443: tcp 0 16:29:12.331572 IP r.r.r.r.443 > h.h.h.h.26276: tcp 0 16:29:12.346765 IP h.h.h.h > r.r.r.r: ICMP echo request, id 1, seq 356, length 40 16:29:12.346778 IP r.r.r.r > h.h.h.h: ICMP echo reply, id 1, seq 356, length 40 16:29:12.581935 IP h.h.h.h.26277 > r.r.r.r.443: tcp 0 16:29:12.581985 IP r.r.r.r.443 > h.h.h.h.26277: tcp 0 16:29:14.821559 IP h.h.h.h.26254 > r.r.r.r.80: tcp 0 16:29:14.821593 IP r.r.r.r.80 > h.h.h.h.26254: tcp 0 16:29:14.829250 IP h.h.h.h.26253 > r.r.r.r.80: tcp 0Oh, strange, it sends the ICMP echo replies, however, i don't get them.
What can be the problem now? :o
-
Just to rule out some things, try from your cellphone. (should work since you're not specifying a source in the rules.)
-
;D I was sure that it won't work. However, I have access from my USB-modem.
Strange… does that mean that ISP blocked or it is the gateway? -
What sits between the remote PC and the internet? Any sort of netgear / linksys router, or maybe a firewall?
-
Yes there is a wifi adsl router.
-
Yeah that shows the firewall is replying and that shows the traffic is being put on the wire, so something upstream must be blocking it.
-
something upstream must be blocking only that IP address.. or that subnet.
strange why it happened. coz i was connected for a period and then cut. -
Does the adsl router have any sort of firewall / features that would auto-ban IPs based on certain behavior?