OPNsense Forum

English Forums => General Discussion => Topic started by: novecat on January 15, 2019, 11:00:05 am

Title: [Resolved] OPNSense Firewall Default Deny Rule Blocking Traffic to Public
Post by: novecat on January 15, 2019, 11:00:05 am
Hi OPNSense Experts:

OPNsense version: OPNsense 18.1.9

Diagram (roughly drawn)
Public IP <----> Check Point Firewall (192.168.200.4) <--->  OPNSense Firewall (192.168.200.30/24) <---> NGINX (192.168.200.101/24)

Objective
Allow the public to reach the NGINX server via HTTPS

Issue
I am having a very unusual issue with our OPNSense Firewall configuration: we have configured an NGINX sitting behind the OPNSense Firewall (acting as Tier 2), whilst port forwarding was configured on the Check Point Firewall (acting as Tier 1).

On the Check Point Firewall, the logs clearly show traffic hitting the public IP via HTTPS; however, the NGINX test page was not seen. After digging around, suspecting the issue was on the Check Point, I realized the OPNSense Firewall is blocking the response to the public (view image: Live Log and Live Log Detail).

The most ironic thing is, I have configured the Firewall to allow all traffic in and out, but the Live Log is still showing a "Default Deny Rule" (view image: Floating Rule and Interface Rule).

Any idea what might be causing this? A bug? Or a misconfiguration on my end?

Regards,
Nove

Title: Re: [Resolved] OPNSense Firewall Default Deny Rule Blocking Traffic to Public
Post by: novecat on January 17, 2019, 10:51:12 am
Resolved; the issue is not related to OPNsense.
It is related to a design issue.