Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Ipencap pf

    Firewalling
    2
    2
    2.9k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      freeseacher
      last edited by

      Hello !
      I have encounter some strange problem that can't resolve by myself
      So.
      Clinet creates gif connection from my ${lan} to some other mahine so some states
      self ipencap {some_inet} <- {on_lan_client}       MULTIPLE:MULTIPLE
      self ipencap {on_lan_client} -> {wan_ip} -> {some_inet}       SINGLE:NO_TRAFFIC

      And have no connection seems to be problem on my side. maybe ipencap not pass from wan to lan ?

      temporary i add rule for client like that

      pass in quick on xl0 inet proto tcp from any port = ftp-data to (xl0) port > 49000 user = 62 flags S/SA keep state label "FTP PROXY: PASV mode data connection"
      pass quick proto ipencap all_
      anchor "dhcpserverlan" all

      1 Reply Last reply Reply Quote 0
      • S
        sullrich
        last edited by

        Can't say that I have ever seen the need for this.  Can you explain why that option is only needed in you're case?

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.