Hello,
Can anyone help me, please? I have a problem with a console connection between OPNsense and Proxmox, which breaks off after a few seconds.
A rule was created that should let the traffic through the SRV_Lan to the LAN, which works, but in between I see that it is still blocked.
The rule:
Source Port Destination Port Gateway
IN IPv4 TCP 10.1.20.20(SRV) * 10.1.10.10(LAN) * * * DC_2_Proxmox
But in the live view the traffic is blocked:
SRV 2024-11-26T14:50:52 10.1.20.20:57634 10.1.10.10:8006 tcp Default deny / state violation rule
I have tried the destination port and it is also blocked; the rule simply does not work.
My setup:
--------ISP------------Proxmox
|
OpnSense---------SRV_Lan
|
----Lan
|
----DMZ
My guess would be that the return path (from 10.1.10.10 to 10.1.20.20) is not through OPNsense, so it, by default, will consider the session invalid after a timeout of 30 seconds, because it's not seeing the full conversation. If you can't avoid asymmetric routing, you can hack around this by setting the state type for the rule allowing the connection to "sloppy".
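
One way to check the asymmetric-routing guess above is to capture on the firewall and look for flows where the initiator keeps sending ACKs although no reply ever crosses the capture point. This is an added example, not part of the original posts: it parses `tcpdump -n` text output, and the capture lines, including the host 10.1.30.5, are constructed for illustration.

```python
import re

# Matches IPv4 TCP lines in the text output of `tcpdump -n`.
LINE_RE = re.compile(
    r"IP (\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+): Flags \[([^\]]*)\]"
)

# Constructed sample capture (not taken from the thread).
# Flow 1: only the SRV -> LAN direction is visible (replies take another path).
# Flow 2: both directions cross the capture point (symmetric, healthy).
SAMPLE_CAPTURE = """\
14:50:22.100000 IP 10.1.20.20.57634 > 10.1.10.10.8006: Flags [S], seq 1000, win 64240, length 0
14:50:22.101500 IP 10.1.20.20.57634 > 10.1.10.10.8006: Flags [.], ack 1, win 502, length 0
14:50:22.102000 IP 10.1.20.20.57634 > 10.1.10.10.8006: Flags [P.], seq 1:518, ack 1, win 502, length 517
14:50:23.000000 IP 10.1.20.20.40000 > 10.1.30.5.443: Flags [S], seq 5000, win 64240, length 0
14:50:23.001000 IP 10.1.30.5.443 > 10.1.20.20.40000: Flags [S.], seq 9000, ack 5001, win 65160, length 0
14:50:23.001200 IP 10.1.20.20.40000 > 10.1.30.5.443: Flags [.], ack 1, win 502, length 0
"""


def track_flows(capture):
    """Group packets into flows; the first packet seen sets the forward direction."""
    flows = {}
    for line in capture.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # skip non-TCP or unparsable lines
        src, dst = (m[1], int(m[2])), (m[3], int(m[4]))
        has_ack = "." in m[5]  # tcpdump prints the ACK flag as "."
        if (dst, src) in flows:
            flows[(dst, src)]["reverse"] += 1
        else:
            flow = flows.setdefault(
                (src, dst), {"forward": 0, "reverse": 0, "fwd_ack": False}
            )
            flow["forward"] += 1
            flow["fwd_ack"] = flow["fwd_ack"] or has_ack
    return flows


def asymmetric_candidates(capture):
    """Flows whose initiator sends ACKs although no reply was ever seen here."""
    return [key for key, f in track_flows(capture).items()
            if f["reverse"] == 0 and f["fwd_ack"]]


if __name__ == "__main__":
    for src, dst in asymmetric_candidates(SAMPLE_CAPTURE):
        print(f"one-way flow: {src[0]}:{src[1]} -> {dst[0]}:{dst[1]}")
```

A flow that contains only an unanswered SYN is not reported, since that pattern points to an unreachable host rather than a return path that bypasses the firewall.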