NetFlix/AmazonAWS blocked by "Default deny rule"
First off, I love pfSense. Switched from FreeSCO to pfSense back in 2006.
For what ever reason, NetFlix/AmazonAWS are tripping over the "Default deny rule". I am seeing lots of entries like this in the firewall log:
block Jun 26 03:08:15 LAN 10.0.0.181:54512 188.8.131.52:443 TCP:RA block Jun 26 03:08:06 LAN 10.0.0.181:54512 184.108.40.206:443 TCP:FPA block Jun 26 02:13:46 LAN 10.0.0.46:55723 220.127.116.11:443 TCP:R block Jun 26 02:13:46 LAN 10.0.0.46:55723 18.104.22.168:443 TCP:PA block Jun 26 01:51:06 LAN 10.0.0.46:55701 22.214.171.124:443 TCP:R block Jun 26 01:51:06 LAN 10.0.0.46:55701 126.96.36.199:443 TCP:PA
And here is the reason message:
10.0.0.181 = iPad w/ NetFlix app
10.0.0.46 = Win7 w/Browser
I created an alias for the NetFlix/AmazonAWS subnets, but it only seems to make a (slight) difference if I enable logging on the rule. Even then, NetFlix still doesn't load right or consistantly:
pass Jun 26 02:52:27 LAN 10.0.0.46:54167 188.8.131.52:443 TCP:S pass Jun 26 02:52:24 LAN 10.0.0.46:54166 184.108.40.206:443 TCP:S
Allowing all outbound LAN traffic to 80/443 made no difference.
Perhaps this applies to your case:
panz last edited by
I have similar problems here with Amazon S3 (uploading backups).
I use Duplicati backup (a very good Open Source backup program like Duplicity, with a simple GUI and TNO encryption).
With "plain" pfsense installation it works great: no problem for uploading or downloading from my S3 buckets.
Problems arise when I use pfsense as OpenVPN client to a VPN provider like StrongVPN or AirVPN: with very "relaxed" firewall rules I get a bunch of "blocked" by default deny rule for IPv4, no matter what's allowed to all the interfaces :(