Messages - baronyoung

#1
23.1 Legacy Series / Re: Default deny rule on ssh
November 22, 2023, 05:01:44 PM
I've checked both interfaces on each of the internal hosts and the mask looks fine (/24).  They're both on DHCP (using the same OPNsense for this too), and DHCP is configured correctly as well.  Is there any way to turn off this "syn ack" functionality?  I'm not familiar with that.
#2
23.1 Legacy Series / Default deny rule on ssh
November 21, 2023, 08:46:44 PM
I'm running default settings pretty much across the board.  I'm unable to ssh from one machine on a LAN subnet to another machine on the same subnet.  In the firewall log I see this:
__timestamp__   2023-11-21T19:43:20
ack   3804592492
action   [block]
anchorname   
datalen   0
dir   [in]
dst   192.168.1.152
dstport   49195
ecn   
id   0
interface   igc1
interface_name   lan
ipflags   DF
ipversion   4
label   Default deny / state violation rule
length   60
offset   0
protoname   tcp
protonum   6
reason   match
rid   02f4bab031b57d1e30553ce08e0ec131
rulenr   5
seq   1985055759
src   192.168.1.50
srcport   22
subrulenr   
tcpflags   SA
tcpopts   
tos   0x0
ttl   64
urp   65160

Again, I've added no rules and it appears the default is to allow all traffic so I'm confused why this is happening.  The "src" IP address above is actually the system I'm trying to ssh TO if that helps.  Any help would be greatly appreciated.