Hi all,
I am running pfSense version 1.0.1 on an embedded system (Soekris net4801).
My network is 192.168.224.0/24, and the pfSense IP address is 192.168.224.1.
In my network there is also a Watchguard device, on which a VPN tunnel to
network 67.121.164.0/24 is active.
So I activated a static route in the pfsense firewall (the pfsense firewall
is the default gateway of every PC in my lan) to access these public addresses
via VPN.
The static route configuration is:
Interface: LAN
Network: 67.121.164.0/24
Gateway: 192.168.224.230
Even though in most cases it seems to work, I noticed a problem doing an FTP
upload with a machine on the other side: the upload stops after
50-60 kbytes.
I analyzed the packets with a network analyzer, and I noticed that the
packets are never going directly to the VPN device, but always passing via the
firewall. Is this normal? I thought that after an ICMP redirect the packets must
go directly to the VPN device, or not?
Can someone help me with this?
Thank you very much,
Fabio Ferrari
P.S. I am sure that the problem is the static route because if I set the
route directly on the PC the FTP upload is working perfectly.
Here is the log of the packet analyzer, in which I substituted the MAC
addresses of the devices with their names:
# TIME DESTMAC SRCMAC
1 | 08:26:12.780775 | FIREWALL | PC | IP: 192.168.224.75 =>
143.225.97.132 (152) | UDP: Length= 132, Port (3195 => 10752)
7 | 08:26:15.622583 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (48) | TCP: Port (1174 => 21) Data (SN 4059805153, ACK 0,
WIN 65535) FTP
9 | 08:26:15.808770 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (48) | TCP: Port (21 => 1174) Data (SN 3912749003, ACK
4059805154, WIN 65535) FTP
10 | 08:26:15.808808 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (40) | TCP: Port (1174 => 21) Data (SN 4059805154, ACK
3912749004, WIN 65535) FTP
12 | 08:26:15.867763 | PC | FIREWALL | IP: 89.215.120.43 =>
192.168.224.75 (48) | UDP: Length= 28, Port (60154 => 3195)
13 | 08:26:15.995586 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (82) | TCP: Port (21 => 1174) Data (SN 3912749004, ACK
4059805154, WIN 65535) FTP
14 | 08:26:15.997082 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (85) | TCP: Port (21 => 1174) Data (SN 3912749046, ACK
4059805154, WIN 65535) FTP
15 | 08:26:15.997119 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (40) | TCP: Port (1174 => 21) Data (SN 4059805154, ACK
3912749091, WIN 65448) FTP
16 | 08:26:15.997835 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (101) | TCP: Port (21 => 1174) Data (SN 3912749091, ACK
4059805154, WIN 65535) FTP
17 | 08:26:16.009841 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (50) | TCP: Port (1174 => 21) Data (SN 4059805154, ACK
3912749152, WIN 65387) FTP
18 | 08:26:16.200124 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (71) | TCP: Port (21 => 1174) Data (SN 3912749152, ACK
4059805164, WIN 65525) FTP
19 | 08:26:16.204241 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (50) | TCP: Port (1174 => 21) Data (SN 4059805164, ACK
3912749183, WIN 65356) FTP
20 | 08:26:16.389794 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (55) | TCP: Port (21 => 1174) Data (SN 3912749183, ACK
4059805174, WIN 65515) FTP
21 | 08:26:16.395084 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (45) | TCP: Port (1174 => 21) Data (SN 4059805174, ACK
3912749198, WIN 65341) FTP
22 | 08:26:16.583271 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (71) | TCP: Port (21 => 1174) Data (SN 3912749198, ACK
4059805179, WIN 65510) FTP
23 | 08:26:16.586432 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (46) | TCP: Port (1174 => 21) Data (SN 4059805179, ACK
3912749229, WIN 65310) FTP
24 | 08:26:16.775363 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (72) | TCP: Port (21 => 1174) Data (SN 3912749229, ACK
4059805185, WIN 65504) FTP
25 | 08:26:16.782010 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (46) | TCP: Port (1174 => 21) Data (SN 4059805185, ACK
3912749261, WIN 65278) FTP
27 | 08:26:16.968712 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (90) | TCP: Port (21 => 1174) Data (SN 3912749261, ACK
4059805191, WIN 65498) FTP
28 | 08:26:16.978146 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (48) | TCP: Port (1175 => 2789) Data (SN 1795567316, ACK 0,
WIN 65535)
30 | 08:26:17.157494 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (40) | TCP: Port (1174 => 21) Data (SN 4059805191, ACK
3912749311, WIN 65228) FTP
31 | 08:26:17.164817 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (48) | TCP: Port (2789 => 1175) Data (SN 453497843, ACK
1795567317, WIN 65535)
32 | 08:26:17.164849 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (40) | TCP: Port (1175 => 2789) Data (SN 1795567317, ACK
453497844, WIN 65535)
33 | 08:26:17.169354 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (46) | TCP: Port (1174 => 21) Data (SN 4059805191, ACK
3912749311, WIN 65228) FTP
34 | 08:26:17.355408 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (65) | TCP: Port (21 => 1174) Data (SN 3912749311, ACK
4059805197, WIN 65492) FTP
35 | 08:26:17.359210 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (247) | TCP: Port (2789 => 1175) Data (SN 453497844, ACK
1795567317, WIN 65535)
36 | 08:26:17.359760 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (40) | TCP: Port (2789 => 1175) Data (SN 453498051, ACK
1795567317, WIN 65535)
37 | 08:26:17.359804 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (40) | TCP: Port (1175 => 2789) Data (SN 1795567317, ACK
453498052, WIN 65328)
38 | 08:26:17.360096 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (57) | TCP: Port (21 => 1174) Data (SN 3912749336, ACK
4059805197, WIN 65492) FTP
39 | 08:26:17.360123 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (40) | TCP: Port (1174 => 21) Data (SN 4059805197, ACK
3912749353, WIN 65186) FTP
40 | 08:26:17.467125 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (40) | TCP: Port (1175 => 2789) Data (SN 1795567317, ACK
453498052, WIN 65328)
41 | 08:26:17.654903 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (40) | TCP: Port (2789 => 1175) Data (SN 453498052, ACK
1795567318, WIN 65535)
46 | 08:26:26.645210 | FIREWALL | PC | IP: 192.168.224.75 =>
84.74.91.244 (232) | TCP: Port (1148 => 65466) Data (SN 108885175, ACK
4233795553, WIN 64164)
48 | 08:26:26.868240 | FIREWALL | PC | IP: 192.168.224.75 =>
84.74.91.244 (40) | TCP: Port (1148 => 65466) Data (SN 108885367, ACK
4233795557, WIN 64160)
52 | 08:26:31.386149 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (48) | TCP: Port (1174 => 21) Data (SN 4059805197, ACK
3912749353, WIN 65186) FTP
53 | 08:26:31.573114 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (59) | TCP: Port (21 => 1174) Data (SN 3912749353, ACK
4059805205, WIN 65484) FTP
54 | 08:26:31.576831 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (46) | TCP: Port (1174 => 21) Data (SN 4059805205, ACK
3912749372, WIN 65167) FTP
55 | 08:26:31.766998 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (90) | TCP: Port (21 => 1174) Data (SN 3912749372, ACK
4059805211, WIN 65478) FTP
56 | 08:26:31.776112 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (48) | TCP: Port (1176 => 2790) Data (SN 3031241518, ACK 0,
WIN 65535)
57 | 08:26:31.897437 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (40) | TCP: Port (1174 => 21) Data (SN 4059805211, ACK
3912749422, WIN 65117) FTP
58 | 08:26:31.962935 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (48) | TCP: Port (2790 => 1176) Data (SN 12913875, ACK
3031241519, WIN 65535)
59 | 08:26:31.962987 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (40) | TCP: Port (1176 => 2790) Data (SN 3031241519, ACK
12913876, WIN 65535)
60 | 08:26:31.968044 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (55) | TCP: Port (1174 => 21) Data (SN 4059805211, ACK
3912749422, WIN 65117) FTP
61 | 08:26:32.154044 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (65) | TCP: Port (21 => 1174) Data (SN 3912749422, ACK
4059805226, WIN 65463) FTP
62 | 08:26:32.170620 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (44) | TCP: Port (1176 => 2790) Data (SN 3031241519, ACK
12913876, WIN 65535)
63 | 08:26:32.189244 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (40) | TCP: Port (1176 => 2790) Data (SN 3031241523, ACK
12913876, WIN 65535)
64 | 08:26:32.299770 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (40) | TCP: Port (1174 => 21) Data (SN 4059805226, ACK
3912749447, WIN 65092) FTP
65 | 08:26:32.378251 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (40) | TCP: Port (2790 => 1176) Data (SN 12913876, ACK
3031241524, WIN 65531)
66 | 08:26:32.381693 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (40) | TCP: Port (2790 => 1176) Data (SN 12913876, ACK
3031241524, WIN 65531)
67 | 08:26:32.381719 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (40) | TCP: Port (1176 => 2790) Data (SN 3031241524, ACK
12913877, WIN 65535)
68 | 08:26:32.382277 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (57) | TCP: Port (21 => 1174) Data (SN 3912749447, ACK
4059805226, WIN 65463) FTP
69 | 08:26:32.389022 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (70) | TCP: Port (1174 => 21) Data (SN 4059805226, ACK
3912749464, WIN 65075) FTP
70 | 08:26:32.574820 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (60) | TCP: Port (21 => 1174) Data (SN 3912749464, ACK
4059805256, WIN 65433) FTP
71 | 08:26:32.580390 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (45) | TCP: Port (1174 => 21) Data (SN 4059805256, ACK
3912749484, WIN 65055) FTP
72 | 08:26:32.768165 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (71) | TCP: Port (21 => 1174) Data (SN 3912749484, ACK
4059805261, WIN 65428) FTP
73 | 08:26:32.772161 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (48) | TCP: Port (1174 => 21) Data (SN 4059805261, ACK
3912749515, WIN 65024) FTP
74 | 08:26:32.958100 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (59) | TCP: Port (21 => 1174) Data (SN 3912749515, ACK
4059805269, WIN 65420) FTP
75 | 08:26:32.961337 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (46) | TCP: Port (1174 => 21) Data (SN 4059805269, ACK
3912749534, WIN 65005) FTP
76 | 08:26:33.149744 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (90) | TCP: Port (21 => 1174) Data (SN 3912749534, ACK
4059805275, WIN 65414) FTP
77 | 08:26:33.158932 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (48) | TCP: Port (1177 => 2791) Data (SN 2885897887, ACK 0,
WIN 65535)
78 | 08:26:33.305610 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (40) | TCP: Port (1174 => 21) Data (SN 4059805275, ACK
3912749584, WIN 64955) FTP
79 | 08:26:33.345165 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (48) | TCP: Port (2791 => 1177) Data (SN 350731447, ACK
2885897888, WIN 65535)
80 | 08:26:33.345214 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (40) | TCP: Port (1177 => 2791) Data (SN 2885897888, ACK
350731448, WIN 65535)
81 | 08:26:33.350261 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (46) | TCP: Port (1174 => 21) Data (SN 4059805275, ACK
3912749584, WIN 64955) FTP
82 | 08:26:33.536937 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (65) | TCP: Port (21 => 1174) Data (SN 3912749584, ACK
4059805281, WIN 65408) FTP
83 | 08:26:33.539019 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (247) | TCP: Port (2791 => 1177) Data (SN 350731448, ACK
2885897888, WIN 65535)
84 | 08:26:33.539548 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (40) | TCP: Port (2791 => 1177) Data (SN 350731655, ACK
2885897888, WIN 65535)
85 | 08:26:33.539590 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (40) | TCP: Port (1177 => 2791) Data (SN 2885897888, ACK
350731656, WIN 65328)
86 | 08:26:33.539797 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (57) | TCP: Port (21 => 1174) Data (SN 3912749609, ACK
4059805281, WIN 65408) FTP
87 | 08:26:33.539824 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (40) | TCP: Port (1174 => 21) Data (SN 4059805281, ACK
3912749626, WIN 64913) FTP
88 | 08:26:33.626453 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (40) | TCP: Port (1177 => 2791) Data (SN 2885897888, ACK
350731656, WIN 65328)
89 | 08:26:33.813897 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (40) | TCP: Port (2791 => 1177) Data (SN 350731656, ACK
2885897889, WIN 65535)
90 | 08:26:34.845941 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (46) | TCP: Port (1174 => 21) Data (SN 4059805281, ACK
3912749626, WIN 64913) FTP
92 | 08:26:35.059349 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (53) | TCP: Port (21 => 1174) Data (SN 3912749626, ACK
4059805287, WIN 65402) FTP
93 | 08:26:35.059890 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (40) | TCP: Port (21 => 1174) Data (SN 3912749639, ACK
4059805287, WIN 65402) FTP
94 | 08:26:35.059929 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (40) | TCP: Port (1174 => 21) Data (SN 4059805287, ACK
3912749640, WIN 64900) FTP
95 | 08:26:35.060894 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (40) | TCP: Port (1174 => 21) Data (SN 4059805287, ACK
3912749640, WIN 64900) FTP
96 | 08:26:35.248085 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (40) | TCP: Port (21 => 1174) Data (SN 3912749640, ACK
4059805288, WIN 65402) FTP
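Added example (not part of the original message): a small Python parser for the trace format shown above that reports, for each flow seen at the PC, which device its outbound frames are sent to and which device the replies arrive from, and flags flows where the two differ. The function names and the `host="PC"` label are assumptions; the first two sample records are copied from the trace, the last two are constructed.

```python
import re
from collections import defaultdict

# Records 7 and 9 are from the trace above; 100 and 101 are constructed.
SAMPLE = """\
7 | 08:26:15.622583 | FIREWALL | PC | IP: 192.168.224.75 =>
67.121.164.83 (48) | TCP: Port (1174 => 21) Data (SN 4059805153, ACK 0,
WIN 65535) FTP
9 | 08:26:15.808770 | PC | VPNDEVICE | IP: 67.121.164.83 =>
192.168.224.75 (48) | TCP: Port (21 => 1174) Data (SN 3912749003, ACK
4059805154, WIN 65535) FTP
100 | 08:27:00.000001 | FIREWALL | PC | IP: 192.168.224.75 =>
198.51.100.7 (60) | UDP: Length= 32, Port (3195 => 5000)
101 | 08:27:00.050002 | PC | FIREWALL | IP: 198.51.100.7 =>
192.168.224.75 (60) | UDP: Length= 32, Port (5000 => 3195)
"""

START = re.compile(r"^\d+ \| \d\d:\d\d:\d\d\.\d+ \|")  # first line of a record
REC = re.compile(
    r"\d+ \| [\d:.]+ \| (\w+) \| (\w+) \| IP: ([\d.]+) => ([\d.]+) \(\d+\) \| "
    r"(TCP|UDP): .*?Port \((\d+) => (\d+)\)")

def parse_trace(text):
    """Re-join wrapped lines, then return one tuple per record:
    (destmac, srcmac, src_ip, dst_ip, proto, src_port, dst_port)."""
    records, cur = [], ""
    for line in text.splitlines():
        if START.match(line) and cur:
            records.append(cur)
            cur = ""
        cur = (cur + " " + line.strip()).strip()
    if cur:
        records.append(cur)
    return [m.groups() for m in map(REC.match, records) if m]

def asymmetric_flows(packets, host="PC"):
    """Map each flow (proto, local_ip, local_port, remote_ip, remote_port)
    to the layer-2 devices used per direction; keep flows where they differ."""
    hops = defaultdict(lambda: {"out": set(), "in": set()})
    for dmac, smac, sip, dip, proto, sport, dport in packets:
        if smac == host:    # frame sent by the host: record its next hop
            hops[(proto, sip, sport, dip, dport)]["out"].add(dmac)
        elif dmac == host:  # frame received by the host: record previous hop
            hops[(proto, dip, dport, sip, sport)]["in"].add(smac)
    return {k: v for k, v in hops.items()
            if v["out"] and v["in"] and v["out"] != v["in"]}

if __name__ == "__main__":
    for flow, hop in asymmetric_flows(parse_trace(SAMPLE)).items():
        print(flow, "out via", sorted(hop["out"]), "in via", sorted(hop["in"]))
```

On the sample, only the FTP control connection is flagged: its outbound frames go to FIREWALL while the replies come from VPNDEVICE, so the firewall sees just one direction of that TCP flow.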