Messages - MartinJ

#1
This is my own mail server and yes, it responds to connections at port 25. The problem is that the packets for <mailserver>:25 don't leave the WAN interface, but packets for <mailserver>:587 do (watched by tcpdump on the firewall). There are no blocking rules etc., just a freshly installed OPNSense without NAT.

I'm going to restore the FW to factory config and repeat every step I did, checking every time if I can telnet to port 25 on my mailserver.

Martin
#2
Yes, I'm sure. It works from WiFi (same access point). I couldn't see the packets leave the WAN interface on the FW.
#3
I replaced an aging pfSense firewall on slow hardware with OPNsense 20.1 on an APU2 board. The setup is fairly simple, no NAT, only routing and filtering. Outbound NAT is set to Manual rule generation, but no rules are defined.

LAN (192.168.99.0/24) - Lan_IF (192.168.99.1/24) - Firewall - WAN_IF (192.168.245.3/24) - Gateway (192.168.245.1)

The WAN net has a default gateway which handles internet access. This gateway has a route to my LAN and sends traffic to the WAN interface. For the moment, every interface on the OPNsense has only one rule, pass any any. Everything works fine... except access to an SMTP server in the internet. A "telnet <server> 25" just doesn't work, a "telnet <server> 587" does. Yes, the <server> accepts traffic on port 25 and 587...

I used tcpdump on LAN and WAN and see the packets from the LAN computer on port 25 go into the firewall, but nothing leaves the WAN interface. The log shows no blocked traffic, the packets on port 25 just evaporate somewhere. Another thing that baffles me are a lot of blocked packets from one host in LAN to other hosts in WAN. A Nagios on a LAN computer regularly checks all possible addresses in the WAN net by trying to reach port 80. These are blocked by the "default deny rule". But why? There is a "pass any any" rule in LAN (and WAN) as the first rule...

What can I do to find out what's going on?

Martin
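The "telnet <server> 25" versus "telnet <server> 587" comparison in the post above is a useful diagnostic because the *way* a connection fails tells you where the packet went. As an added example (not part of this forum thread, and not OPNsense code), the script below does the same probe with a timeout and classifies the outcome: "refused" means a TCP RST came back, so the SYN reached an endpoint (or a reject rule); "timeout" means nothing came back, which is what a silently dropped packet looks like; "open" means the handshake completed. `local_demo()` demonstrates the first two cases against a throw-away listener on 127.0.0.1 so it runs offline; the host name and port list in `main()` are placeholders, not values from the thread.

```python
import socket
import sys
from contextlib import closing


def probe_tcp(host: str, port: int, timeout: float = 3.0) -> str:
    """Attempt a TCP connect and classify the result.

    Returns one of:
      "open"    - three-way handshake completed (the service answered)
      "refused" - RST received: the packet reached a host or a reject rule
      "timeout" - no answer at all: SYN (or SYN/ACK) was dropped on the path
      "error:N" - some other socket error, with its errno
    """
    try:
        with closing(socket.create_connection((host, port), timeout=timeout)):
            return "open"
    except ConnectionRefusedError:
        return "refused"
    except (socket.timeout, TimeoutError):
        return "timeout"
    except OSError as exc:
        return f"error:{exc.errno}"


def compare_ports(host: str, ports, timeout: float = 3.0) -> dict:
    """Probe several ports on one host, e.g. 25 and 587 on a mail server."""
    return {port: probe_tcp(host, port, timeout) for port in ports}


def local_demo() -> tuple:
    """Show 'open' vs 'refused' using a temporary listener on loopback.

    A listening socket bound to port 0 gets an ephemeral port from the OS;
    probing it yields "open". After the listener is closed the same port
    yields "refused", because the kernel answers the SYN with RST.
    """
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]
    while_listening = probe_tcp("127.0.0.1", port, timeout=2.0)
    srv.close()
    after_close = probe_tcp("127.0.0.1", port, timeout=2.0)
    return while_listening, after_close


def main(argv) -> int:
    # Placeholder host and ports (assumptions, not values from the thread).
    host = argv[1] if len(argv) > 1 else "mailserver.example"
    ports = [int(p) for p in argv[2:]] or [25, 587]
    if host == "mailserver.example":
        print("loopback demo (open, refused):", local_demo())
        return 0
    for port, verdict in compare_ports(host, ports).items():
        print(f"{host}:{port} -> {verdict}")
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run as `python probe.py <mailserver> 25 587` from the LAN host. If port 587 reports "open" while port 25 reports "timeout", the SYN for port 25 is being dropped rather than rejected, which matches the tcpdump observation that it enters the LAN interface but never leaves the WAN interface; a "refused" on port 25 would instead mean the packet did get through and something on the far side answered.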