Certain connections drop off after 10-30 seconds

  • Hello all,

    First: thanks for reading!

    I have an odd situation: I have two Alix-based boxes - one old (pfsense 1.2) and one new (latest release). Both have been configured exactly the same. Well - same networking; same rules; same NAT. When I swap the new for the old - everything works exactly as expected - except one thing: I have another network behind PFS; it's behind a Cisco 5505. There is a machine there running a simple TCP proxy that is proxying specific ports out to the Internet (long story as to why this oddity). Under the old 1.2 PFS - everything is fine. When I switch to the new PFS - connections from that box and ONLY that box start out OK, but drop off after a few seconds. Literally I can watch communications start; data transfer start and within 30 seconds or less - dead. Now - I have some more troubleshooting to do - need to get Wireshark on there and see exactly what's happening - but I thought I'd put this up; in case someone knows what may be happening.

    Thank you for your time and attention.

  • Rebel Alliance Developer Netgate

    Asymmetric routing, probably.

    System > Advanced, Firewall/NAT tab, check "Bypass firewall rules for traffic on the same interface"

  • Thank you for the reply!

    Asymmetric routing… possible... there are two gateways to the network with the proxying machine.

    However, none of the devices in question PFS/Cisco/Proxy are aware of the second G/W. So unless I am misunderstanding - how is this possible? The connection is like this: Outside<->PFS<->Cisco<->Proxy. PFS has a second G/W defined but for a different network.

    Additionally - is there something different in the way 1.2 and 2.x process this traffic? As the 1.2 version works just fine.

    EDIT: BTW - Initial testing suggests that this indeed is the solution. Will add a full reply when fully confirmed.
