21.1 Legacy Series / host being blocked after session is established?
« on: April 05, 2021, 04:49:27 am »
So I have a fresh install of 21.4. Very basic setup, WAN & LAN only.
Default rules on LAN side. Trying to enable a port forward from a jump server to hit the firewall on port 10022 and have it forwarded to a local server on port 22.
I have an incoming WAN ICMP rule from the jump server that works fine, however the port forward rule does not. While trying to figure that out...
I can SSH to the jump server and it will let me stay connected for about 30-60 seconds, and then the firewall decides to block traffic for the same session I just established??
I have IDS enabled, but set only to alert.
I cannot find the 'default rule' that seems to be blocking the session. (Is this a bug - when I click into the info on the rule and click on the hyperlink to bring up the rule that is blocking it, it opens a window that is immediately closed in Chrome & Firefox. Bringing it up it looks like https://opnsense/firewall_rule_lookup.php is not returning anything? Is the script broken?)
Apparently I can't upload attachments to this forum either. Here's the log file:
https://photos.app.goo.gl/mMsxEaKDM49akHxS6
I'm seeing a ton of LAN -> Internet traffic that is getting blocked by this default rule for other hosts as well.