Re: [pfSense] Strange Block on LAN interface

Fri, 13 Sep 2013 05:23:16 -0700 

On 12/09/13 01:23, Kevin Tollison wrote:
I am getting an odd behavior on 2.1RC2 . Hopefully I have just missed something. 

My site is setup as follows


PfSense -----  Site 1 192.168.1.0/24 <http://192.168.1.0/24>  ----- 
 Adtran router 192.168.1.3 ----- PPPT1 ---Site2 Adtran Router 192.168.3.3



I have added a static route in for the Adtran and everything works 
great with one exception.



We have some intermec scanners at site2 connecting to a Win2008 server 
at site 1




When I initiate a connection from the handheld to the server i get a 
failed connection with this in the firewall logs



block <https://192.168.1.254/diag_logs_filter_dynamic.php#> 	Sep 11 
19:15:56 	LAN 	192.168.1.98 	192.168.3.77:1139 
<http://192.168.3.77:1139> 	TCP:SA
block <https://192.168.1.254/diag_logs_filter_dynamic.php#> 	Sep 11 
19:15:59 	LAN 	192.168.1.98 	192.168.3.77:1139 
<http://192.168.3.77:1139> 	TCP:SA
block <https://192.168.1.254/diag_logs_filter_dynamic.php#> 	Sep 11 
19:16:05 	LAN 	192.168.1.98 	192.168.3.77:1139 
<http://192.168.3.77:1139> 	TCP:SA
block <https://192.168.1.254/diag_logs_filter_dynamic.php#> 	Sep 11 
19:16:17 	LAN 	192.168.1.98 	192.168.3.77:1139 
<http://192.168.3.77:1139> 	TCP:R





I can connect fine to the server RDP from a PC.  I have internet 
connectivity as well from a PC



The default in rule is triggering it.  I have added regular rules to 
allow and floating rules. I have also checked the box to bypass 
firewall rules on the same interface.




As a side note. We have another site using a pfsense over a VPN tunnel 
that works great.  Unfortunately I'm stuck with this private Point to 
point here.


This was working through a DSL modem/router with static routes prior.

Thanks

Kevin










_______________________________________________
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list


Most probably this:
https://doc.pfsense.org/index.php/Logs_show_%22blocked%22_for_traffic_from_a_legitimate_connection,_why%3F

_______________________________________________
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list






















					Reply via email to