Firewall blocking LAN Traffic



  • Hello,
    I made a clean install (2.2.1_x86),
    set up the ports,
    added login data for PPPoE
    and it worked fine.

    Until the next day. From now on traffic from LAN to WAN is blocked.
    DNS resolution works, but I can't get on the internet.

    Some minor changes fix the problem until the next day.
    E.g. enabling the SSH server or even changing the SSH port makes it work again for some time.

    I'm running a totally default configuration:  PPPoE-WAN --- pfSense --- LAN
    No additional firewall rules, add-ons or anything else.
    The only special thing about my configuration is that I have some additional NICs installed.
    I want to use them later for WLAN, DMZ. For the moment they are not configured.

    Does anyone have an idea what's going wrong?


    Oliver S.
    ISLE GmbH, Ilmenau.


  • Hi!

    Could you be a little more specific about "I can't get to the internet"? Error messages? Logs?

    Is your gateway up while trying? Have a look at the logs if apinger (gateway monitoring) is going mad.

    What is the rule blocking the outbound traffic (shown when you click on the white/red cross button to the left of the blocked traffic)?

    Is it out-of-state traffic?

    Regards

    chemlud



  • Did you incorrectly define a gateway for your LAN?  Interfaces - LAN - IPv4 Upstream Gateway should be blank.



  • I configured nothing except the PPPoE login data.
    Sorry, in my original post there were some screenshots.

    See here:
    https://www.dropbox.com/sh/ydib4t3q7i747lx/AAApSMk_lDxx7sn7APhKXQqXa?dl=0

    When I ping a URL, the ping gets the correct IP address but nothing more. As you can see in the log, everything is blocked.
    IPv4 Upstream Gateway = none


  • Hi again!

    But from your first post I got that it is working for some time (one day?) before everything is blocked.

    What is the rule blocking the traffic? What does the states table look like? Has the PPPoE been disconnected by the provider overnight? Is it re-established correctly afterwards?

    Does reloading the firewall rules help?

    Maybe erase the "allow all" rule and create it freshly to see if the traffic comes back.

    Maybe some kind of hardware issue?


  • @ollixx77:

    I configured nothing except the PPPoE login data.
    Sorry, in my original post there were some screenshots.

    If you configured nothing but the PPPoE WAN and are having inexplicable issues, then ditch the setup and start from scratch. Otherwise, post the actual interfaces configuration screenshots.



  • Added tables, LAN, WAN interface settings and complete config file:
    https://www.dropbox.com/sh/ydib4t3q7i747lx/AAApSMk_lDxx7sn7APhKXQqXa?dl=0

