Static route filtering

  • Hi everyone

    Here is the situation: I have a Pfsense box as perimeter firewall-router. It has just 2 interfaces:LAn and WAN. and it has configured many static routes, because in my network I managed a lot of subnets and those subnet enter into pfsense through LAN interface. So, the issue is, when I want to connect via SSH from any foreign subnet to local subnet that the LAN has confgured, pfsense blocks even if I add a rule that let pass. Only if  I check this option in advanced features: "Static route filtering" pfsense let pass.

    Is there any way that I can set up this without check the option: "Static route filtering"


  • You might need to give a bit more details. Examples of the 2 subnets where you have the problem and a screenshot of the rules for LAN.

  • You can't statefully filter asymmetrically routed traffic, which is what you have. If you need to filter traffic between those networks, you have to put the router on its own interface of the firewall (as you can't control one direction of the traffic via the firewall, it goes direct from router to host).