Re: [pfSense Support] policy routing issue : stumped : more : SOLVED
On Mon, 2011-08-15 at 08:45 -0400, Jim Pingle wrote: > On 8/15/2011 5:11 AM, mayak-cq wrote: > > On Sat, 2011-08-13 at 11:34 +0200, mayak-cq wrote: > >> hi chris > >> > >> On Fri, 2011-08-12 at 17:00 -0400, Chris Buechler wrote: > > > > > > > >>> It does not, policy routing rules override the system routing table. > >> i just tried booting pfsense as a live cd, entered the minimum basic > >> information, ran tests, and wan interface route overrules my policy > >> route. this running in a vmware box, but i don't think that should > >> influence policy routing. > >> > >> i tested a lan rule that blocks a client, and that worked, and when i > >> changed back to "pass", the client uses wan interface default route in > >> stead of policy route. is there a way to query pfsense to show its > >> routing decision? > > > > i have installed vlans on the wan interface, and policy routing works as > > expected. > > It sounds like you were hitting this: > http://redmine.pfsense.org/issues/651 > > There is an issue with having two gateways on a single interface, moving > to vlans makes them land on separate interfaces, which is known to work > fine so long as they're on different subnets (or at least have different > gateways, but you could still have issues if they share a subnet). hi jim, yep! that was it -- vlans and different subnets has taken care of the issue ... thanks :-) m - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Upgrade from pfsense 1.2.3 to 2.0
I also have same problem. When shift to 2.0, port forwarding NAT or also not working openvpn... Pls guide if any have that solution... Thnx mohan 9826061122 On 8/15/11, Seth Mos wrote: > Op 15-8-2011 12:21, Aymen Belkhiria schreef: >> Hi all, >> >> >> After upgrade to pfsense 2.0 RC3 I have a problem to manage the WAN >> interface. >> >> I have a port forward work fine with pfsense 1.2.3 but when I upgraded >> to 2.0, something block the traffic >> and I can't access to the application from outside. > > Please confirm that you have a allow firewall rule on the WAN interface > from source any, port any to WAN IP port . > > It should just work. > > Kind regards, > > Seth > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > > -- Sent from my mobile device - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Upgrade from pfsense 1.2.3 to 2.0
Hi Seth, Thanks for the quick answer, when I created the rule I was able to access to Web-gui pfsense interface from outside. Thanks On Mon, Aug 15, 2011 at 12:18 PM, Seth Mos wrote: > Op 15-8-2011 12:21, Aymen Belkhiria schreef: > > Hi all, > > > > > > After upgrade to pfsense 2.0 RC3 I have a problem to manage the WAN > > interface. > > > > I have a port forward work fine with pfsense 1.2.3 but when I upgraded > > to 2.0, something block the traffic > > and I can't access to the application from outside. > > Please confirm that you have a allow firewall rule on the WAN interface > from source any, port any to WAN IP port . > > It should just work. > > Kind regards, > > Seth > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > > -- Aymen Belkhiria
Re: [pfSense Support] policy routing issue : stumped : more
On 8/15/2011 5:11 AM, mayak-cq wrote: > On Sat, 2011-08-13 at 11:34 +0200, mayak-cq wrote: >> hi chris >> >> On Fri, 2011-08-12 at 17:00 -0400, Chris Buechler wrote: > > > >>> It does not, policy routing rules override the system routing table. >> i just tried booting pfsense as a live cd, entered the minimum basic >> information, ran tests, and wan interface route overrules my policy >> route. this running in a vmware box, but i don't think that should >> influence policy routing. >> >> i tested a lan rule that blocks a client, and that worked, and when i >> changed back to "pass", the client uses wan interface default route in >> stead of policy route. is there a way to query pfsense to show its >> routing decision? > > i have installed vlans on the wan interface, and policy routing works as > expected. It sounds like you were hitting this: http://redmine.pfsense.org/issues/651 There is an issue with having two gateways on a single interface, moving to vlans makes them land on separate interfaces, which is known to work fine so long as they're on different subnets (or at least have different gateways, but you could still have issues if they share a subnet). Jim - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Upgrade from pfsense 1.2.3 to 2.0
Op 15-8-2011 12:21, Aymen Belkhiria schreef: > Hi all, > > > After upgrade to pfsense 2.0 RC3 I have a problem to manage the WAN > interface. > > I have a port forward work fine with pfsense 1.2.3 but when I upgraded > to 2.0, something block the traffic > and I can't access to the application from outside. Please confirm that you have a allow firewall rule on the WAN interface from source any, port any to WAN IP port . It should just work. Kind regards, Seth - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] Upgrade from pfsense 1.2.3 to 2.0
Hi all, After upgrade to pfsense 2.0 RC3 I have a problem to manage the WAN interface. I have a port forward work fine with pfsense 1.2.3 but when I upgraded to 2.0, something block the traffic and I can't access to the application from outside. when I did nmap on my global IP I can see the port is open but I can't reach the application. seems something wrong with NAT. Any Help? Thanks -- Aymen Belkhiria
Re: [pfSense Support] policy routing issue : stumped : more
On Sat, 2011-08-13 at 11:34 +0200, mayak-cq wrote: > hi chris > > On Fri, 2011-08-12 at 17:00 -0400, Chris Buechler wrote: > > It does not, policy routing rules override the system routing table. > i just tried booting pfsense as a live cd, entered the minimum basic > information, ran tests, and wan interface route overrules my policy > route. this running in a vmware box, but i don't think that should > influence policy routing. > > i tested a lan rule that blocks a client, and that worked, and when i > changed back to "pass", the client uses wan interface default route in > stead of policy route. is there a way to query pfsense to show its > routing decision? i have installed vlans on the wan interface, and policy routing works as expected. cheers, m - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
