yes, i block ICMP inbound at the WAN.
-phil
On Oct 1, 2008, at 6:00 PM, Tim Nelson wrote:
Are you blocking any ICMP traffic? PMTU (MTU path discovery) relies
on ICMP to automagically determine the proper MTU...
On nearly all of my installations, I'm blocking EVERYTHING
including ICMP on the WAN and PMTU still works fine. Maybe you have
it blocked elsewhere?
Just a thought...
Tim Nelson
Systems/Network Engineer
Rockbochs Inc.
(218)727-4332 x105
----- "Tim Dickson" <[EMAIL PROTECTED]> wrote:
I had this same issue with fedex.com a while back
Adjusted mtu, did a fresh install, never could find a solution... one
day it started working again.
(weird thing was half our clients could connect and half could not.)
-Tim
-----Original Message-----
From: Tim Nelson [mailto:[EMAIL PROTECTED]
Sent: Wednesday, October 01, 2008 3:46 PM
To: support@pfsense.com
Subject: Re: [pfSense Support] Can't connect to subaru.com on port 80
It may be helpful to see your rulesets on your LAN and WAN
interfaces... or paste the pertinent XML from your config file..
Tim Nelson
Systems/Network Engineer
Rockbochs Inc.
(218)727-4332 x105
----- "BSD Wiz" <[EMAIL PROTECTED]> wrote:
i'm connected via cable modem, mtu is set to 1500.
thanks
-phil
On Oct 1, 2008, at 5:23 PM, Chris Buechler wrote:
On Wed, Oct 1, 2008 at 6:18 PM, BSD Wiz <[EMAIL PROTECTED]> wrote:
pfSense 1.2.1 RC1
only add-on package installed is iperf.
I have rules to allow allow traffic out on port 80 and 443. I
have
also(just
to be sure) allowed *ALL* traffic out from my static ip on my
macbook.
Problem is I can't get to the site subaru.com.
I don't see anything in the logs and I've never had a problem
getting to any
other site. If I telnet from the pfsense firewall to subaru.com
on port 80
it get's connected. If i try that from my machine(laptop macbook)
it times
out.
am i missing something or what?
We don't like Subaru. ;) kidding
sounds like a MTU issue, try lowering your MTU on WAN if you have
PPPoE.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
