OPNsense Forum

Archive => 20.1 Legacy Series => Topic started by: 555|STi on June 07, 2020, 10:05:07 pm

Title: Weird blocking rule
Post by: 555|STi on June 07, 2020, 10:05:07 pm
A couple days ago I was searching through firewall logs and found some weird behaviour.

The thing is:

I have my LAN Network: 172.17.10.0/23
And my OVPN Network: 10.8.1.0/24 and the OVPN server is 172.17.10.2.
I can see the remote VPN Machines, and they can see my LAN.

The problem is that the connection drops randomly. I can connect via SSH to the remote OVPN client router, but the connection dies a couple of seconds after. The same happens when I connect to remote cameras: I can see the video stream, but the video stops after a couple of seconds.

Looking at the FW logs, I found something that seems very strange to me.

Code:
   ALLOW      LAN      <-      Jun 7 15:49:41   172.17.10.12:50316   10.8.1.4:2000   tcp   FLOAT LAN TO OVPN   
   DENY      LAN      ->      Jun 7 15:49:41   172.17.10.12:50316   10.8.1.4:2000   tcp   FLOAT LAN TO OVPN   
   DENY      LAN      ->      Jun 7 15:49:36   172.17.10.12:50233   10.8.1.4:2000   tcp   Default deny rule   
   DENY      LAN      ->      Jun 7 15:49:33   172.17.10.12:50233   10.8.1.4:2000   tcp   Default deny rule

Some packets are allowed to reach the destination, but the next ones are not. Same ports, same source and destination.
It happens every time I start a connection.

Can you please tell me where to start?

Thanks in advance.