Specific web pages won't load through otherwise functional transparent firewall

  • I'm at a loss with this issue - I'm assuming this is a bridging problem or state problem, though Firewall may also be a possibility.
    What's happening is a specific webpage (www.ilfonline.org, it will work for you) won't load on WINDOWS computers on the LAN side of my transparent firewall. Packet captures from pfSense (read in Wireshark) show web requests going out from the client and coming back from the page on the WAN side, but the reply packets just disappear from there and are never seen on the LAN port. Again, this is only with Windows computers. Linux computers (and phones and iPads, etc.) load the page normally. I'm not sure if this is some different method the ILF webpage uses or just a freak coincidence.
    This whole network is static IP.

    I assumed this was a bridging problem as it never showed up in firewall logs even with default / bogon logging turned on.
    My current config is the pfSense server physically sitting between a shared switch connected to the router / internet and a staff LAN. Two ports are in use on the firewall, as a WAN and a LAN port, both bridged to an OPT1 interface. Firewall rules work as expected, we host several webpages and they're all accessible while other services are blocked as they should be. All traffic out works normally.

    The thing that makes me think this is a bridging / state issue is the ARP table shows all the IPs / MACs being on the bridge interface, OPT1.
    How on earth do I even troubleshoot this thing?
