If you have a terminal on the OpnSense box, a tcpdump command something like this:
tcpdump -n -i eth0 'tcp[tcpflags] & tcp-syn != 0 and tcp[tcpflags] & tcp-ack == 0 and dst $publicipaddr and tcp port 443' Where $publicipaddr is the IP address of the WAN interface. This will show all the SYN packets arriving with tcp port 443. On Sun, Oct 6, 2024 at 9:43 PM Russell Senior <[email protected]> wrote: > > > > On 10/6/24 15:13, Courtney Rosenthal wrote: > > I posted last week about not getting IPv6 on my Quantum Fiber > > connection. I haven't resolved that -- but I've got an even greater > > concern: I'm not receiving any inbound TCP connection requests. > > > > (Again, I'm not using the default router. I'm using an OpnSense router > > built with a Qutom mini-pc.) > > > > My outbound TCP is working fine. My router is receiving and responding > > to ICMP PING messages. But packet capture at the router WAN interface > > shows incoming TCP connection request are never arriving. > > To see if there is any filtering going on, you need to do packet capture > at the OpnSense box: > > https://docs.opnsense.org/manual/diagnostics_interfaces.html#packet-capture > > and see if the packets arrive. > > If they don't, then something upstream is filtering them. If they arrive > on the OpnSense WAN interface, then look at the LAN interface and see if > they are being forwarded appropriately by OpnSense. > > I don't have any experience with OpnSense, > > -- > Russell Senior > [email protected]
