Disable Firewalling for packets entering and leaving the same interface w/ CARP



  • Hi all,

    I have some problems with PFSense 1.2-Release.

    I have a pair of firewalls configured with CARP (which is working nicely).

    Now I have another router "inside" which connects via MPLS to a customer branch office.

    When I try to open a connection from the branch, pfsense sees only half of the connection and begins to drop it after a few minutes.

    I have already enabled "Static Route Filtering" so that firewall rules should be bypassed on the same interface. This is enabled on both firewalls.

    I still see pf states for those "half" connections. Is there any magic I could turn on (except routes on the servers themselves?)

    Kind regards,

    Falk



  • Create rules for the networks on pf to use the no state advanced option so pf doesn't try to normalize the connection.
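
What the "no state" suggestion in the reply above amounts to at the pf ruleset level, as an added example that is not from either poster and is not pfSense's generated ruleset. The interface name and both networks are assumed placeholder values.

```pf
# Added example. All values below are constructed placeholders.
lan_if     = "em1"               # assumed LAN interface (carries the CARP VIP)
lan_net    = "192.168.1.0/24"    # assumed local server network
branch_net = "10.20.0.0/16"      # assumed branch office network behind the MPLS router

# Asymmetric path: branch -> server packets go from the MPLS router straight
# to the server and never cross the firewall. Only the server's replies,
# sent to its default gateway, enter and leave the firewall on $lan_if.
# A stateful rule would track a connection it sees one direction of and
# drop it later, so these rules pass the traffic without creating a state.
pass in  quick on $lan_if from $lan_net to $branch_net no state
pass out quick on $lan_if from $lan_net to $branch_net no state

# Reverse direction, for any branch -> LAN packets that do cross the firewall.
pass in  quick on $lan_if from $branch_net to $lan_net no state
pass out quick on $lan_if from $branch_net to $lan_net no state

# Stateless rules match on addresses only and get no sequence tracking,
# so they are scoped to exactly these two networks rather than "any".
```

With rules like these loaded, `pfctl -ss` should no longer list state entries for LAN-to-branch traffic.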

