Inbound traffic suddenly not being passed any more
-
Ever since the update to pfSense 2.0.3 some weeks ago, the router has been working flawlessly. Now, this morning, the router stopped responding to incoming connections. Browsing the internet from within the LAN worked without any issues. However, the public IP address did not respond to any of the forwarded services (RDP, for example) any more. I could also not access the WebGUI from the WAN side (LAN side worked flawlessly). Nor did I get a response to PINGs from the WAN side.
The configuration had not changed. The system log showed nothing suspicious.
A reboot of pfSense solved the issue (reboot command issued with the "Diagnostics: Execute command" WebGUI interface).
The router connects to the LAN via one Intel NIC and to the WAN via another Intel NIC. WAN is accessed via PPPoE over VLAN7 (yup, German Telekom). There is an OPT1 interface on the WAN NIC without VLAN tagging, which allows me to access the modem's management interface. As the ISP requires a disconnect every 24 hours, pfSense is configured to perform a PPPoE reconnection every day at 02:30am. The loss of responsiveness to WAN connections must have occurred at some time between 01:30am and 08:00am. I suspect that it might have to do with the reconnection at 02:30am.
Of course I'm curious why this has happened. However, it's more important how I can detect this problem from within the LAN, in case it reappears in the future. NAT reflection is not enabled, the public hostnames are redirected via host overrides in the pfSense DNS forwarder.
Internet connectivity is checked every few minutes from a server in the LAN. If Internet from the LAN goes down, power is automatically cut to pfSense, modem, switches and the PBX (well, just in case…), causing a complete restart 10 seconds later. This has never happened. However, if I can reliably detect the described condition from within the LAN, I could amend the monitoring script.