Static Route + Firewall Problem
-
Hi guys,
I read a lot of things here, but didn't work for me.
My current version: 2.0.3-RELEASE (amd64)
2 NIC (WAN + LAN)
2 GatewaysWAN - pppoe
LAN - 10.0.0.0/24
default gateway - dynamic by WAN
vpn gateway - 10.0.0.240static routes:
172.27.254.0/24
10.10.14.0/24what works:
- Internet OK
- Ping my static routes OK
- Access static routes OK (browser, ssh)
problems encountered:
if I use the the pfsense my default gateway, my connection to client vpn (10.0.0.240) drops every 200KB
I can't commit to a SVN, use SCP from linux or Filezilla…what I've done
- check "Bypass firewall rules for traffic on the same interface" but nothing happens
- when I "pfctl -d" all works fine (like Disable Filters on Advanced page) but I need the firewall
SCP with firewall ON (the transfer stop ~200kb)
10:20:20.328499 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [s], seq 2663523693, win 65535, options [mss 1460,nop,wscale 7,nop,nop,sackOK], length 0 10:20:20.328604 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [s], seq 2663523693, win 65535, options [mss 1460,nop,wscale 7,nop,nop,sackOK], length 0 10:20:20.328630 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 60 10:20:20.345278 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [.], ack 329830141, win 32768, length 0 10:20:20.345308 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [.], ack 1, win 32768, length 0 10:20:20.345325 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:20:20.387924 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 23, win 32767, length 43 10:20:20.387957 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 23, win 32767, length 43 10:20:20.388424 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 23, win 32767, length 640 10:20:20.388446 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 23, win 32767, length 640 10:20:20.424078 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 663, win 32762, length 16 10:20:20.424117 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 663, win 32762, length 16 10:20:20.487749 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 943, win 32760, length 272 10:20:20.487788 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 943, win 32760, length 272 10:20:20.567467 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 1535, win 32768, length 16 10:20:20.567520 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 1535, win 32768, length 16 10:20:20.567677 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 1535, win 32768, length 52 10:20:20.567687 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 1535, win 32768, length 52 10:20:20.587388 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 1587, win 32767, length 68 10:20:20.587409 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 1587, win 32767, length 68 10:20:20.606277 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 1655, win 32767, length 296 10:20:20.606301 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 1655, win 32767, length 296 10:20:20.636186 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 1691, win 32766, length 68 10:20:20.636217 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 1691, win 32766, length 68 10:20:20.654028 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 1743, win 32766, length 84 10:20:20.654052 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 1743, win 32766, length 84 10:20:20.654221 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 1743, win 32766, length 68 10:20:20.654230 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 1743, win 32766, length 68 10:20:20.677838 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 1831, win 32765, length 52 10:20:20.677861 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 1831, win 32765, length 52 10:20:20.865714 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 1883, win 32765, length 52 10:20:20.865735 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 1883, win 32765, length 52 10:20:20.886146 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 1983, win 32764, length 68 10:20:20.886166 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 1983, win 32764, length 68 10:20:20.904182 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 2083, win 32763, length 68 10:20:20.904205 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 2083, win 32763, length 68 10:20:20.923463 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 2151, win 32763, length 68 10:20:20.923495 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 2151, win 32763, length 68 10:20:20.941057 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 2219, win 32762, length 68 10:20:20.941073 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 2219, win 32762, length 68 10:20:20.958715 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 2319, win 32761, length 68 10:20:20.958738 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 2319, win 32761, length 68 10:20:20.976117 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 2387, win 32761, length 68 10:20:20.976137 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 2387, win 32761, length 68 10:20:21.038788 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [.], ack 5147, win 32768, length 0 10:20:21.038831 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [.], ack 5147, win 32768, length 0 10:20:21.059559 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 5607, win 32764, length 68 10:20:21.059582 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 5607, win 32764, length 68 10:20:21.076978 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 5691, win 32763, length 68 10:20:21.076994 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 5691, win 32763, length 68 10:20:21.152443 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [.], ack 5759, win 32763, length 0 10:20:21.152464 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [.], ack 5759, win 32763, length 0 10:20:26.045553 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 5759, win 32763, length 100 10:20:26.045571 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 5759, win 32763, length 100 10:20:26.067247 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 5923, win 32761, length 116 10:20:26.067264 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [P.], ack 5923, win 32761, length 116 10:20:26.104566 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:20:26.104586 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:20:26.104930 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:20:26.104943 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:20:26.105189 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:20:26.105201 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:20:26.105305 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:20:26.105317 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:20:26.105422 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:20:26.105431 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:20:26.175292 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:20:26.175313 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:20:26.175966 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:20:26.175978 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:20:26.176201 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:20:26.176212 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:20:26.176706 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:20:26.176718 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:20:26.177681 IP 10.0.0.119.50543 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 SCP with firewall off [code]10:24:26.589689 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [s], seq 3841722664, win 65535, options [mss 1460,nop,wscale 7,nop,nop,sackOK], length 0 10:24:26.589698 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [s], seq 3841722664, win 65535, options [mss 1460,nop,wscale 7,nop,nop,sackOK], length 0 10:24:26.589706 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 60 10:24:26.605976 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [.], ack 432157001, win 32768, length 0 10:24:26.605986 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [.], ack 1, win 32768, length 0 10:24:26.605995 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:26.648540 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 23, win 32767, length 43 10:24:26.648549 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 23, win 32767, length 43 10:24:26.648557 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:26.649499 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 23, win 32767, length 640 10:24:26.649507 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 23, win 32767, length 640 10:24:26.649514 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:26.678233 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 663, win 32762, length 16 10:24:26.678239 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 663, win 32762, length 16 10:24:26.678247 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:26.745263 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 943, win 32760, length 272 10:24:26.745271 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 943, win 32760, length 272 10:24:26.745279 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:26.822460 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 1535, win 32768, length 16 10:24:26.822469 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 1535, win 32768, length 16 10:24:26.822477 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:26.822653 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 1535, win 32768, length 52 10:24:26.822659 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 1535, win 32768, length 52 10:24:26.822665 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:26.842685 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 1587, win 32767, length 68 10:24:26.842694 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 1587, win 32767, length 68 10:24:26.842701 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:26.860447 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 1655, win 32767, length 296 10:24:26.860455 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 1655, win 32767, length 296 10:24:26.860463 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:27.047968 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 1691, win 32766, length 68 10:24:27.047982 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 1691, win 32766, length 68 10:24:27.047990 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:27.066237 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 1743, win 32766, length 84 10:24:27.066255 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 1743, win 32766, length 84 10:24:27.066269 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:27.066452 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 1743, win 32766, length 68 10:24:27.066459 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 1743, win 32766, length 68 10:24:27.066465 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:27.096770 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 1831, win 32765, length 52 10:24:27.096779 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 1831, win 32765, length 52 10:24:27.096787 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:27.256835 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 1883, win 32765, length 52 10:24:27.256845 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 1883, win 32765, length 52 10:24:27.256853 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:27.279246 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 1983, win 32764, length 68 10:24:27.279255 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 1983, win 32764, length 68 10:24:27.279262 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:27.296835 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 2083, win 32763, length 68 10:24:27.296844 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 2083, win 32763, length 68 10:24:27.296852 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:27.320146 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 2151, win 32763, length 68 10:24:27.320158 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 2151, win 32763, length 68 10:24:27.320167 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:27.337792 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 2219, win 32762, length 68 10:24:27.337801 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 2219, win 32762, length 68 10:24:27.337807 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:27.355334 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 2319, win 32761, length 68 10:24:27.355341 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 2319, win 32761, length 68 10:24:27.355347 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:27.372934 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 2387, win 32761, length 68 10:24:27.372942 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 2387, win 32761, length 68 10:24:27.372949 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:27.425040 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [.], ack 5147, win 32768, length 0 10:24:27.425049 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [.], ack 5147, win 32768, length 0 10:24:27.425058 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:27.447112 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 5607, win 32764, length 68 10:24:27.447123 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 5607, win 32764, length 68 10:24:27.447131 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:27.465107 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 5691, win 32763, length 68 10:24:27.465116 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 5691, win 32763, length 68 10:24:27.465123 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:27.532881 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [.], ack 5759, win 32763, length 0 10:24:27.532891 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [.], ack 5759, win 32763, length 0 10:24:27.532899 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:32.025766 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 5759, win 32763, length 100 10:24:32.025775 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 5759, win 32763, length 100 10:24:32.025782 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:32.044769 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 5923, win 32761, length 116 10:24:32.044778 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [P.], ack 5923, win 32761, length 116 10:24:32.044784 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:32.063724 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:24:32.063734 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:24:32.063741 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:32.064060 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:24:32.064067 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:24:32.064073 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:32.064215 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:24:32.064223 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:24:32.064228 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:32.064380 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:24:32.064385 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:24:32.064391 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:32.064632 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:24:32.064639 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:24:32.064645 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:32.104583 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:24:32.104592 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:24:32.104600 IP fw01.owse.net > 10.0.0.119: ICMP redirect 172.27.254.103 to host 10.0.0.240, length 48 10:24:32.104971 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 10:24:32.104978 IP 10.0.0.119.50579 > 172.27.254.103.ssh: Flags [.], ack 5991, win 32761, length 1380 my route table [code]Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 177.133.132.1.dyna UGS 0 252811 pppoe0 10.0.0.0 link#1 U 0 43554023 em0 fw01 link#1 UHS 0 3 lo0 10.10.254.0 10.0.0.240 UGS 0 0 em0 localhost link#5 UH 0 107860 lo0 140.85.0.0 10.0.0.240 UGS 0 1 em0 172.27.254.0 10.0.0.240 UGS 0 59979 em0 177.133.132.1.dyna link#9 UH 0 4987 pppoe0 186.215.235.182.st link#9 UHS 0 10 lo0 [/code] sorry for my poor English [/s][/s][/code][/s][/s]
-
You probably need to check System > Advanced, Firewall Tab, "Bypass firewall rules for traffic on the same interface"
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.