OPNsense Forum » Archive » 22.1 Legacy Series » [SOLVED] TCP Connections denied per deny default
Topic: [SOLVED] TCP Connections denied per deny default (Read 1464 times)
Cattapiller
« on: August 07, 2022, 10:04:37 am »
Heya,
I'm stumbling into a really weird one here.
I've got some TCP connections that are going through and some that just aren't. Just directly blocked by deny default via floating rules. (Can see it in the live log from the firewall.) But there are ALLOW all rules for the clients to connect to the internet.
My setup:
ISP <---> OPNsense <-> Switches <-> Clients
I've got a couple of VLANs for the clients, VLANs for mgmt.
The clients are able to connect to the internet and are passed through the OPNsense firewall (so that works). They can reach most of the web, but if they try to reach certain websites, it's denied by default via floating rules.
Denied instantly on websites like WhatsApp, Facebook, Protonmail and so on...
ISP is doing the NAT for us.
Not using DNS from OPNsense.
Not using any web proxy or something. It's just plain routing.
I've tried to set firewall -> settings -> advanced : firewall optimization to conservative (was normal) like suggested in another post, and it wasn't helping.
Thanks in advance!
« Last Edit: August 23, 2022, 02:08:34 am by Cattapiller »
Cattapiller
Re: TCP Connections denied per deny default
« Reply #1 on: August 23, 2022, 02:07:33 am »
Well, I solved it. Don't know why, but now it works.
System > Settings > Tunables :
net.inet.udp.checksum UDP Checksums
net.inet.tcp.tso TCP Offload Engine
both set to 1.
Now it works flawlessly.
Cheers.
« Last Edit: August 23, 2022, 02:11:15 am by Cattapiller »