On 10/19/2011 11:14 AM, David Burgess wrote: > On Wed, Sep 21, 2011 at 6:15 AM, David Burgess <[email protected]> wrote: > >> When host slab connects to host chunk by ssh, all is well (routed via >> pfsense B static route and OPT1; routed pfsense A OPT1 to LAN). >> When host pfsense B connects to host rip by ssh, all is well (layer 2 >> via pfsense B WAN2). >> When host slab connects to host rip by ssh, the session hangs quickly, >> ie, 0.1-2s (NAT via pfsense B WAN2) > > I'm still perplexed by this. Since my original post I've learned that > it's not just ssh that hangs; I've seen the same behaviour with http > as well. Browsing rip's web pages is generally not a problem, but if I > try to download a 50 MB file the download stalls then fails after > about 2 seconds. I believe that it has more to do with volume > transferred than time connected, as an ssh session can go on for > several seconds, but an scp or http bulk transfer will kill it much > quicker. > > There is something going on in pfsense B that works fine when routing > to rip, but doesn't work as expected when NAT is involved. I believe I > will try my luck posting this in the forum.
Have you tried checking "Bypass firewall rules for traffic on the same interface" under System > Advanced, on the Firewall/NAT tab? That will generally help get around some asymmetric routing issues that could be encountered in a situation involving static routes. Jim _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
