Odd Upload Issue
-
Not sure if this is the right section, I am having an odd upload issue to any wordpress web site on 2 of my LANs, 1 LAN works just fine. I am trying to get an idea of what could cause this as I only have upgraded pfSense and installed packages and have not adjusted many settings. If I try to upload any file to any wordpress web site on LAN or LAN3 it fails, if I am on LAN2 it work just fine. Anyone have any ideas?
-
I found the issue, but I have no block rules on LAN, LAN2 or LAN3
block drop in log inet all label "Default deny rule IPv4"
So why would LAN2 work but LAN and LAN3 are affected?
-
you need allow rules.. Lan creates them for you, any other interfaces will only have the default deny.. You have to allow the traffic you want.
-
All I have are allow rules between the LANs, I have had this issue before and when I reboot the unit it fixes the issue, it has been quite a while before this issue came up again.
I would like to ask how should the rules be created? The current issue I would like to solve is anything on LAN can access the web server on LAN2
I have this rule currently, I had LAN Net and just switched it LAN Address. How would you create a rule and I can try it right now to see if the issue is resolved. Been researching this for the past 2 hours. I am trying not to reboot the FW.
IPv4 TCP LAN address * 192.168.0.22 * * none TCP LAMPP Allow
I have had the same rules for a long time and this issue pops up randomly, this is the 3rd time since running pfSense this has happened.
-
I am stuck, I have tried many allow rules and nothing works while the 2 other LANs has no issues.
I have these rules
IPv4 * LAN net * * * * none
IPv4 TCP LAN net * LAN2 net * * noneOne LAN 2 where the server is
IPv4 * LAN2 net * * * * none Default allow LAN2 to any rule
IPv4 * LAN net * LAN2 net * * none LAN to LAN2 Allow
If I go onto the other 2 networks I can upload to my wordpress sites without an issue. It is only LAN that any upload fails.
-
"is anything on LAN can access the web server on LAN2"
And is tha web server running a firewall? This is common mistake where they blame it on pfsense when they forget about the local hosts firewall.
If your lan has any any, and webserver is in lan2..
Unless you are routing traffic out to some specific gateway so lan can not even get to lan2 - you could have no rules on lan2 and lan would get there with the default any any rule.. Why don't you just sniff on your web server to validate the traffic gets there or not.
Your not trying to run the same network on lan2 as lan are you? And you didn't set any gateways on pfsense lan interfaces…
-
my setup has been the same for a long time without issues until recently or I have not noticed the upload issue
The LANs all have different IP ranges and subnets
LAN and LAN 2 both have rules to allow traffic back and forth from each LAN
I have tried LAN/LAN2 Address and LAN/LAN2 Net and nothing works.
If I switch to LAN 3 I have no issues, If I connect to my office and go over WAN I have no issues
Something on LAN is breaking the upload process, I can upload small files but while on LAN I cannot upload file larger then 1MB
If the FW on the server was the issue wouldn't all be affected and not just LAN as in WAN, LAN2 and LAN3 all would have the same issue?
I have these rules on LAN2 now and still have the same issue just with LAN
IPv4 * LAN2 net * * * * none Default allow LAN2 to any rule
IPv4 * * * LAN2 net * * none Default allow LAN2 to any rule -
a rule that allows access to lan2 is pointless on lan2 since nobody talks to pfsense on lan2 when talking to lan2
Rules are evaluated inbound to a interface.. So that 2nd rule you listed it never ever fired..
Your saying it works when you put it on lan3..
Please post up your rules on all your interfaces and your networks being used.
And draw up your network.. Make no sense at all that you say you can upload small files and not large ones. If pfsense allows the traffic for small, then it could give 2 shits how big your upload is.
Are you using any packages like snort or proxy? Is pfsense on hardware or vm?