FTP traffic not going out on WAN
-
Hi All,
Situation pfSense 2.1 (latest version)
1 nic for ISP1
1 nic for ISP2
1 nic for LAN
1 nic for 4 DMZ zones (1+3VLANs)
1 nic for wireless
DMZ zones are x.y.20.0/24 VLANs x.y.22.0/24 x.y.26.0/24 & x.y.28.0/24
on x.y.28.2 sits an IBM AS/400 with FTP server.
Can connect from LAN to FTP server and get a file - no problem
Can connect from any place in the world to x.y.28.3 to start FTP, authentication works, cd into dir ok, but when I 'get' a file, it stops.
(switching to passive does not help)
This is now in my firewall
block
Jan 20 22:47:36 DMZxxx28 (source)x.y.28.2:21 (dest)24.64.xx.yy:43541 TCP:FPA
Reason for the block
@5 block drop in log inet all label "Default deny rule IPv4"
There is a rule in DMZxxx28 that allows for this traffic to go out.
Rule in DMZxxx28:
ID Proto Source Port Destination Port Gateway Queue
IPv4 TCP/UDP x.y.28.2 * * * WANisp1GW none
And all this used to work until I rebooted my system 3 days ago…
Since then I have Ticked ON (selected) (In System:Advanced):
Disables the PF scrubbing option which can sometimes interfere with NFS and PPTP traffic.
&
Bypass firewall rules for traffic on the same interface
as suggested by others in this forum, and rebooted the box again, but no luck...
Any other ideas?
thanks
Peter
-
It's getting worse… Now I get this
The rule that triggered this action is:
@5 block drop in log inet all label "Default deny rule IPv4"
On most traffic going out (ex IMAP on 143 cannot talk to a laptop connected via OpenVPN)
No idea what is triggering this.
Close to cleaning it all up and re-install - although I don't want to do that.
Peter