OPNsense Forum

Archive => 18.1 Legacy Series => Topic started by: Germano on July 12, 2018, 01:07:36 pm

Title: Default Deny Rule TCP port domain controller
Post by: Germano on July 12, 2018, 01:07:36 pm
Hello,

I do not understand why the Default deny rule is not displayed in the interface.
Through VLANs I communicate with my domain, but it blocks TCP ports 389, 135, 139, 445 for me.

Yet I have a rule in LAN that allows communication LAN 10.10.10.0 LAN to an alias VLAN 10.10.30.0 ANY.

All other ports are allowed except those.
What do I have to do? It's still internal.
Title: Re: Default Deny Rule TCP port domain controller
Post by: mimugmail on July 12, 2018, 01:38:05 pm
Do you have a screenshot of your LAN ruleset?
Title: Re: Default Deny Rule TCP port domain controller
Post by: franco on July 12, 2018, 01:53:04 pm
Sounds like asymmetric traffic hitting your LAN port. You can disable state tracking in the IPv4 pass rule of your LAN.


Cheers,
Franco
Title: Re: Default Deny Rule TCP port domain controller
Post by: Germano on July 12, 2018, 04:11:35 pm
Thanks, it is good now.

I would not have found it.

Firewall > LAN rules > IPv4 default rule: edit, advanced options below.
Value State Type > None, then apply.
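
Added example, not part of the original thread: a way to check the asymmetric-traffic diagnosis from the firewall log before changing the rule, by separating blocked TCP packets that open a connection (SYN only, so no pass rule matched) from packets that need existing state (which is what the default deny drops when the firewall saw only one direction of a flow). The log lines are constructed, and the CSV field positions, the interface name `igb0`, the rule numbers and the host addresses are assumptions to check against your own filter log.

```python
from collections import Counter

# Constructed sample records (not from the thread), laid out like pf filterlog
# CSV for IPv4/TCP. Field positions are an assumption; check your version.
SAMPLE = [
    "12,,,0,igb0,match,block,in,4,0x0,,127,4101,0,DF,6,tcp,52,10.10.10.25,10.10.30.5,49712,389,0,SA,1,2,8192,,",
    "12,,,0,igb0,match,block,in,4,0x0,,127,4102,0,DF,6,tcp,40,10.10.10.25,10.10.30.5,49713,445,0,A,,3,8192,,",
    "12,,,0,igb0,match,block,in,4,0x0,,127,4103,0,DF,6,tcp,92,10.10.10.25,10.10.30.5,49714,135,52,PA,4:56,5,8192,,",
    "12,,,0,igb0,match,block,in,4,0x0,,127,4104,0,DF,6,tcp,52,10.10.10.40,10.10.30.5,50100,3389,0,S,6,,8192,,mss",
    "70,,,0,igb0,match,pass,in,4,0x0,,127,4105,0,DF,6,tcp,52,10.10.10.25,10.10.30.5,49720,88,0,S,7,,8192,,mss",
    "12,,,0,igb0,match,block,in,4,0x0,,127,4106,0,none,17,udp,70,10.10.10.25,10.10.30.5,53000,53,50",
]

def parse_tcp(line):
    """Return the fields needed for triage, or None for non-IPv4/TCP records."""
    f = line.split(",")
    if len(f) < 24 or f[8] != "4" or f[16] != "tcp":
        return None
    return {"iface": f[4], "action": f[6], "src": f[18], "dst": f[19],
            "dport": int(f[21]), "flags": f[23]}

def classify(rec):
    """SYN without ACK opens a connection; anything else needs existing state."""
    if "S" in rec["flags"] and "A" not in rec["flags"]:
        return "new-connection"   # blocked because no pass rule matched
    return "out-of-state"         # blocked because the firewall holds no state

def triage(lines):
    """Count blocked TCP packets per (category, destination port)."""
    counts = Counter()
    for line in lines:
        rec = parse_tcp(line)
        if rec and rec["action"] == "block":
            counts[(classify(rec), rec["dport"])] += 1
    return counts

if __name__ == "__main__":
    for (kind, port), n in sorted(triage(SAMPLE).items()):
        print(f"{kind:15} dport={port:<5} blocked={n}")
```

Blocks that fall mostly under `out-of-state` on an internal interface fit the asymmetric-traffic explanation; blocks under `new-connection` point at the ruleset instead.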