Default deny / state violation rule on legitimate LAN traffic

Started by guest37863, April 11, 2023, 01:57:50 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
April 11, 2023, 01:57:50 PM
Hello,

Yesterday I installed OPNSense on my Mini PC and updated it to the latest version.  Unfortunately, the firewall rule "Default deny / state violation rule" blocks traffic from my server to my laptop and I cannot figure out why. To make this problem even more confusing, not all of my server traffic gets blocked.

Code Select
OPNsense 23.1.5_4-amd64
FreeBSD 13.1-RELEASE-p7
OpenSSL 1.1.1t 7 Feb 2023

The LAN interface is running on igc1 with a 16 port network switch connected to the port.
Code Select
Static IPv4: 192.168.0.1/24
DHCP Subnet: 192.168.0.0
Subnet mask: 255.255.255.0
Range: 192.168.0.100 - 192.168.0.199

Both my laptop and server are connected to the switch with a static IP Address.
Code Select
Laptop IP Address: 192.168.0.100
Server IP Address: 192.168.0.101

The server is running proxmox with two VM's and both have a static IP Address.
Code Select
Gitlab: 192.168.0.209
Home Assistant: 192.168.0.205

The problem:

Traffic from Gitlab IP Address is being blocked by the firewall.
https://ibb.co/kxc2bWb

The firewall rules have not been changed beyond the defaults.
https://ibb.co/Cm0XkLj

What confuses me is the Home Assistant connection works.
https://ibb.co/QkT6Mnf

At first I thought I messed something up during the installation, so this morning I reinstalled from scratch and didn't configure anything except the DHCP. Plugged in the server and the traffic still gets blocked.

I'm at my wits end here and I have no idea what I'm doing wrong. It seems like a simple configuration issue, but I don't know where to even begin.

Please help?

Thanks!
April 11, 2023, 03:33:49 PM #1
Inconsistent netmasks?
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
April 12, 2023, 02:18:05 PM #2
Turns out my statically provisioned IP Address Proxmox containers were routing requests through the gateway, and because the gateway did not have a corresponding request to match the response, it would drop the connection.

I configured the Proxmox containers to use DHCP and everything is working now.
Print
Go Up Pages1
User actions