Problem with NAT or firewall rule with a TCP port



  • Hello.
    I deployed a pfSense 2.1 in our company, and all was OK.
    However, we have a problem with our own service on the DMZ network listening on a TCP port for an application.
    It is a simple application that serves our clients to receive updates of a software (No SSL… simple plain text). I have a NAT and firewall rule forwarded to the DMZ server and the port.
    Apparently, the service is working. When there are few connections, everything works fine. But when the number of concurrent connections grows (not much more than 6 or 7...), the connections become stalled and unstable, and the update process fails.
    Before deploying the pfSense, we had a Linux box with iptables forwarding and filtering packets, and it worked fine for years. Now, I have replaced the pfSense with the old Linux box because this is a big problem for us.
    Does somebody have suggestions? Some system tunable that can help?
    Thanks

