
    Static route filtering

    • demian

      Hi everyone

      Here is the situation: I have a pfSense box as perimeter firewall-router. It has just 2 interfaces: LAN and WAN. It has many static routes configured, because in my network I manage a lot of subnets and those subnets enter pfSense through the LAN interface. So, the issue is, when I want to connect via SSH from any foreign subnet to the local subnet that the LAN has configured, pfSense blocks it even if I add a rule that lets it pass. Only if I check this option in advanced features: "Static route filtering" does pfSense let it pass.

      Is there any way that I can set this up without checking the option "Static route filtering"?

      thanks

      • podilarius

        You might need to give a bit more detail: examples of the 2 subnets where you have the problem and a screenshot of the rules for LAN.

        • cmb

          You can't statefully filter asymmetrically routed traffic, which is what you have. If you need to filter traffic between those networks, you have to put the router on its own interface of the firewall (as you can't control one direction of the traffic via the firewall, it goes direct from router to host).
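A toy model of the asymmetric-routing problem described in the last reply, added here as an illustration and not taken from the thread or from pfSense. It assumes the LAN hosts use the firewall as their default gateway while the internal router sits on the same LAN segment; the addresses, class names and verdict strings are constructed for the example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Pkt:
    src: str
    dst: str
    sport: int
    dport: int
    flags: str          # "S" = SYN, "SA" = SYN-ACK, "A" = ACK
    via_firewall: bool  # does this packet's path cross the firewall?

class StatefulFilter:
    """Toy filter: a bare SYN matching a pass rule creates state;
    every other packet must match an existing state (either direction)."""
    def __init__(self, allowed_dports):
        self.allowed_dports = set(allowed_dports)
        self.states = set()

    def inspect(self, p):
        key = (p.src, p.sport, p.dst, p.dport)
        rev = (p.dst, p.dport, p.src, p.sport)
        if key in self.states or rev in self.states:
            return "pass (state)"
        if p.flags == "S" and p.dport in self.allowed_dports:
            self.states.add(key)
            return "pass (rule, state created)"
        return "block (no state)"

def handshake(router_to_host_via_fw):
    client, host = "10.20.0.5", "192.168.1.10"  # constructed addresses
    return [
        Pkt(client, host, 40000, 22, "S", router_to_host_via_fw),
        Pkt(host, client, 22, 40000, "SA", True),  # host replies via its gateway
        Pkt(client, host, 40000, 22, "A", router_to_host_via_fw),
    ]

def run(router_to_host_via_fw):
    fw = StatefulFilter(allowed_dports=[22])  # "pass SSH" rule
    verdicts = []
    for p in handshake(router_to_host_via_fw):
        if not p.via_firewall:
            verdicts.append("not seen")  # router delivered it directly to the host
            continue
        verdicts.append(fw.inspect(p))
        if verdicts[-1].startswith("block"):
            break  # the handshake cannot complete
    return verdicts

if __name__ == "__main__":
    print("router on the LAN segment:   ", run(False))
    print("router on its own interface: ", run(True))
```

With the router on the shared segment the firewall first sees the SYN-ACK, which matches no state and cannot create one, so the pass rule never applies; with the router on its own interface every packet crosses the firewall and the same rule works.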