Odd Upload Issue

  • Not sure if this is the right section, I am having an odd upload issue to any wordpress web site on 2 of my LANs, 1 LAN works just fine. I am trying to get an idea of what could cause this as I only have upgraded pfSense and installed packages and have not adjusted many settings. If I try to upload any file to any wordpress web site on LAN or LAN3 it fails, if I am on LAN2 it work just fine. Anyone have any ideas?

  • I found the issue, but I have no block rules on LAN, LAN2 or LAN3

    block drop in log inet all label "Default deny rule IPv4"

    So why would LAN2 work but LAN and LAN3 are affected?

  • LAYER 8 Global Moderator

    you need allow rules.. Lan creates them for you, any other interfaces will only have the default deny.. You have to allow the traffic you want.

  • All I have are allow rules between the LANs, I have had this issue before and when I reboot the unit it fixes the issue, it has been quite a while before this issue came up again.

    I would like to ask how should the rules be created? The current issue I would like to solve is anything on LAN can access the web server on LAN2

    I have this rule currently, I had LAN Net and just switched it LAN Address. How would you create a rule and I can try it right now to see if the issue is resolved. Been researching this for the past 2 hours. I am trying not to reboot the FW.

    IPv4 TCP LAN address * * * none TCP LAMPP Allow

    I have had the same rules for a long time and this issue pops up randomly, this is the 3rd time since running pfSense this has happened.

  • I am stuck, I have tried many allow rules and nothing works while the 2 other LANs has no issues.

    I have these rules

    IPv4 * LAN net * * * * none
    IPv4 TCP LAN net * LAN2 net * * none

    One LAN 2 where the server is

    IPv4 * LAN2 net * * * * none Default allow LAN2 to any rule

    IPv4 * LAN net * LAN2 net * * none LAN to LAN2 Allow

    If I go onto the other 2 networks I can upload to my wordpress sites without an issue. It is only LAN that any upload fails.

  • LAYER 8 Global Moderator

    "is anything on LAN can access the web server on LAN2"

    And is tha web server running a firewall?  This is common mistake where they blame it on pfsense when they forget about the local hosts firewall.

    If your lan has any any, and webserver is in lan2..

    Unless you are routing traffic out to some specific gateway so lan can not even get to lan2 - you could have no rules on lan2 and lan would get there with the default any any rule..  Why don't you just sniff on your web server to validate the traffic gets there or not.

    Your not trying to run the same network on lan2 as lan are you? And you didn't set any gateways on pfsense lan interfaces…

  • my setup has been the same for a long time without issues until recently or I have not noticed the upload issue

    The LANs all have different IP ranges and subnets

    LAN and LAN 2 both have rules to allow traffic back and forth from each LAN

    I have tried LAN/LAN2 Address and LAN/LAN2 Net and nothing works.

    If I switch to LAN 3 I have no issues, If I connect to my office and go over WAN I have no issues

    Something on LAN is breaking the upload process, I can upload small files but while on LAN I cannot upload file larger then 1MB

    If the FW on the server was the issue wouldn't all be affected and not just LAN as in WAN, LAN2 and LAN3 all would have the same issue?

    I have these rules on LAN2 now and still have the same issue just with LAN

    IPv4 * LAN2 net * * * * none Default allow LAN2 to any rule
    IPv4 * * * LAN2 net * * none Default allow LAN2 to any rule

  • LAYER 8 Global Moderator

    a rule that allows access to lan2 is pointless on lan2 since nobody talks to pfsense on lan2 when talking to lan2

    Rules are evaluated inbound to a interface..  So that 2nd rule you listed it never ever fired..

    Your saying it works when you put it on lan3..

    Please post up your rules on all your interfaces and your networks being used.

    And draw up your network..  Make no sense at all that you say you can upload small files and not large ones.  If pfsense allows the traffic for small, then it could give 2 shits how big your upload is.

    Are you using any packages like snort or proxy?  Is pfsense on hardware or vm?

Log in to reply