Port 445 not working after update to pfSense 2.1.2

  • I've configured my pfSense firewall to pass traffic on port 445 on the wan interface. I've also configured the squid proxy to forward traffic from this port to one of my webservers. This worked perfectly until I've installed the pfSense 2.1.2 update. Now I cannot connect to this port anymore from the wan interface. (Even with telnet cannot establish a connection) But if I try to connect from the LAN interface everything works as usual. I've checked the packet filter log, but there where no logs that any packets are blocked on this port. I've also tried to capture the packets using tcpdump…

    tcpdump -i em1 port 445 >> capture.pcap

    ...but the capture log was empty after calling the port from the external interface. What else could be the reason that my connection is blocked? Or is the port 445 maybe reserved for something other in this version?

  • Rebel Alliance Developer Netgate

    If the packets never show in a capture, they never arrived at pfSense. Even blocked packets show in a capture.

    Your ISP is likely blocking that port upstream. And rightly so, that's a very common port that exploits use to propagate over the Internet to exposed Windows systems.

    If you need to share files across the Internet, use a VPN or a more secure protocol (e.g. scp), not SMB.

  • Thanks for the hint! I've changed the port to 555 and now the connection is working again from external. It seams my ISP is blocking this port now.