• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Blocking TCP:RA, TCP:FPA,TCP:A

Scheduled Pinned Locked Moved Firewalling
5 Posts 3 Posters 5.4k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • L
    localhostx
    last edited by Jan 28, 2015, 2:16 PM Jan 28, 2015, 2:13 PM

    Hi all,

    I have the attached rules in my LAN and OpenVPN IFs.  However, there are still rejected packets such as [Rst,Ack] and etc.. Do you have any idea of why?

    thanks
    logs.png
    logs.png_thumb
    openvpn_rules.png
    openvpn_rules.png_thumb
    lan_rules.png
    lan_rules.png_thumb

    1 Reply Last reply Reply Quote 0
    • G
      GroundX
      last edited by Jan 28, 2015, 2:20 PM

      Did you set any advanced features on the FW rules (LAN side?).
      Seems to me like it should work.

      1 Reply Last reply Reply Quote 0
      • L
        localhostx
        last edited by Jan 28, 2015, 2:34 PM

        No advanced firewall rules.

        Can this be because of an invalid flag for the current state of TCP connection?

        1 Reply Last reply Reply Quote 0
        • J
          johnpoz LAYER 8 Global Moderator
          last edited by Jan 28, 2015, 4:46 PM

          This is typical out of state being blocked..

          https://doc.pfsense.org/index.php/Why_do_my_logs_show_%22blocked%22_for_traffic_from_a_legitimate_connection

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

          1 Reply Last reply Reply Quote 0
          • L
            localhostx
            last edited by Jan 28, 2015, 5:17 PM

            Thanks for the answer.

            1 Reply Last reply Reply Quote 0
            1 out of 5
            • First post
              1/5
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
              This community forum collects and processes your personal information.
              consent.not_received