OPNsense Forum
Archive => 19.1 Legacy Series => Topic started by: Wuschy on June 21, 2019, 09:49:33 pm
-
Hi all,
I don't get it... I've configured the (NAT) rules for GRE and PPTP and in the Log-Files, I can see an incoming connection, answered by my server but then the packages are shown up as incoming from LAN and get blocked by the default deny rule:
__timestamp__ Jun 21 21:23:18
ack 1472432395
action [block]
anchorname
datalen 0
dir [in]
dst 178.197.227.178
dstport 18413
ecn
id 5395
interface em0
ipflags DF
label Default deny rule
length 56
offset 0
proto 6
protoname tcp
reason match
ridentifier 0
rulenr 8
seq 929540809
src 192.168.1.106
srcport 62369
subrulenr
tcpflags SA
tcpopts
tos 0x0
ttl 127
urp 8192
version 4
by the way, this has worked before, but I had issues with my VPN Server and after fixing it, the FW now gets me curious!
Please help!!
-
Again "btw": it seems that the WAN IP address is recognized as a LAN address, I think thats the reason for the block (default deny rule)
-
another btw:
once it was working but over GRE only... and there the traffic was listed as outgoing WAN with my public IP address.....??