On Tue, Sep 11, 2012 at 12:03 PM, Theodor-Iulian Ciobanu
<[email protected]> wrote:
> Hello,
>
> I inherited a very old instance of pfsense (1.0.1) acting as a router
> and firewall between multiple DMZs and WAN (LAN is empty and unused).
>
> After updating to 1.2.3, outbound connections were working fine, but I
> was no longer able to connect to any of the servers from outside. Not
> wanting to have to reinstall 1.0.1 I hoped that this was maybe a
> bug/regression in the NIC driver (there's just one network card with
> just one port that is fed all the corresponding tagged VLANs) and
> applied the full update to 2.0.1 as well. Everything went fine, but the
> behavior persisted. So I started debugging it (or at least tried to),
> with wireshark on a client system and tcpdump on pfsense and one of the
> servers:
>
> When trying to ssh from the client to the server, I can see the TCP
> handshake. After the client sends its ack, the server sends the SSH
> banner. I can see the packet in the dump from the server and on the
> firewall on both virtual interfaces (the one in the DMZ and the one in
> WAN). But the packet is never received on the client.
>
> What happens instead, is that the server receives a TCP RST packet,
> seemingly coming from the client. But none of the dumps on the client
> or pfsense show such a packet being sent.
>

Add a -e to your tcpdump and see what MAC is sourcing that RST. That's
the source of your issue, and based on your description, it has
nothing to do with the firewall (if you're getting a RST on the server
that you don't see on the firewall, something other than the firewall
or the client has to be sending it).
_______________________________________________
List mailing list
[email protected]
http://lists.pfsense.org/mailman/listinfo/list
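
The check suggested in the reply, as an added example that is not part of the original thread: it parses `tcpdump -e -n` text output captured on the server and counts TCP RST frames by Ethernet source address, reporting any that did not come from the firewall's DMZ interface. The capture lines, MAC addresses and IPs are constructed, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed `tcpdump -e -n` output as it might look on the server.
# All MACs, IPs and timestamps are invented for illustration:
#   ...:f1 = firewall DMZ interface (assumed), ...:5e = server,
#   ...:99 = a device that is neither of the two.
FIREWALL_DMZ_MAC = "02:00:00:00:00:f1"
SAMPLE = """\
12:03:41.100001 02:00:00:00:00:f1 > 02:00:00:00:00:5e, ethertype IPv4 (0x0800), length 74: 198.51.100.7.51514 > 192.0.2.10.22: Flags [S], seq 1000, win 65535, length 0
12:03:41.100090 02:00:00:00:00:5e > 02:00:00:00:00:f1, ethertype IPv4 (0x0800), length 74: 192.0.2.10.22 > 198.51.100.7.51514: Flags [S.], seq 5000, ack 1001, win 65535, length 0
12:03:41.101200 02:00:00:00:00:f1 > 02:00:00:00:00:5e, ethertype IPv4 (0x0800), length 66: 198.51.100.7.51514 > 192.0.2.10.22: Flags [.], ack 5001, win 1024, length 0
12:03:41.110400 02:00:00:00:00:5e > 02:00:00:00:00:f1, ethertype IPv4 (0x0800), length 87: 192.0.2.10.22 > 198.51.100.7.51514: Flags [P.], seq 5001:5022, ack 1001, win 1024, length 21
12:03:41.111900 02:00:00:00:00:99 > 02:00:00:00:00:5e, ethertype IPv4 (0x0800), length 60: 198.51.100.7.51514 > 192.0.2.10.22: Flags [R], seq 1001, win 0, length 0
"""

# Link-layer header printed by -e, then the IP endpoints and the TCP flags.
# The lazy ".*?" skips ethertype/length and any VLAN tag fields in between.
FRAME = re.compile(
    r"(?P<src_mac>[0-9a-f:]{17}) > (?P<dst_mac>[0-9a-f:]{17}),.*? "
    r"(?P<src>\S+) > (?P<dst>\S+): Flags \[(?P<flags>[^\]]+)\]"
)


def rst_frames(capture):
    """Yield (src_mac, src_ip_port, dst_ip_port) for every TCP RST frame."""
    for line in capture.splitlines():
        m = FRAME.search(line)
        if m and "R" in m["flags"]:
            yield m["src_mac"], m["src"], m["dst"]


def unexpected_rst_sources(capture, expected_macs):
    """Count RSTs whose Ethernet source is not one of the expected MACs."""
    expected = {mac.lower() for mac in expected_macs}
    return Counter(mac for mac, _, _ in rst_frames(capture) if mac not in expected)


if __name__ == "__main__":
    for mac, count in unexpected_rst_sources(SAMPLE, {FIREWALL_DMZ_MAC}).items():
        print(f"{count} RST frame(s) sourced by {mac}, which is not the firewall")
```

The IP source of the RST in the sample is the client's address, but the Ethernet source is neither the firewall nor the server, which is the situation the reply describes.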
