    Netgate Discussion Forum

    Problems with Firewall & SYN_SENT states

      yugisop last edited by

      Hi,

      I've been using pfSense for the past year for connecting 2 sites with an OpenVPN tunnel using PKI security. Everything works fine 99.95% of the time, except that on some occasions I have a TCP application at the remote site that connects to a W2K3 server-driven application. Whenever the server service is restarted it would drop the client connection, and even though the client is set to auto re-connect this is often a huge problem.

      On investigating in pfSense I have noticed states on both routers listed as SYN_SENT. After resetting both state tables a couple of times the client is finally able to re-connect, but the real problem is that manual intervention is required for this. I have tried using the different state options on my default LAN rule "Any - Any Pass" but with no luck. Also tried UDP and TCP type tunnels with no success.

      Remote Site  …
      LAN          = 172.21.20.14/24
      WAN          = 10.10.10.2/24
      OVPN Int    = 192.168.20.2  (192.168.20.0/24)

      Host Site ....
      LAN          = 172.21.10.14/24
      WAN          = 10.10.10.1/24
      OVPN Int    = 192.168.20.1  (192.168.20.0/24)
      Custom options = push "redirect-gateway local def1"

      Let me know if any other info is required. Can send config file if required.
