Recurring interrupts after short time

Started by Kornelius777, May 14, 2023, 11:42:51 AM

Dear all,

For a while now, I have been facing strange behaviour of my OPNsense firewall:

My setup is as follows:

LAN1 <--> wireguard server <--> OPNsense <--> Internet <--> Remote router <--> wireguard server <--> LAN2

Both wireguard servers are distinct machines.

When I establish a connection from LAN1 to LAN2, the connection will be interrupted after about 1 minute, regardless of whether it is ssh, http or https; every connection will be interrupted.
And I always see something like:

__timestamp__ 2023-05-14T11:31:19
ack 1421731495
action [block]
anchorname
datalen 44
dir [in]
dst 192.168.144.222
dstport 22
ecn
id 65429
interface re0
interface_name lan
ipflags DF
ipversion 4
label Reject LAN net @anywhere
length 96
offset 0
protoname tcp
protonum 6
reason match
rid 5b365651e685f4e2bf5168036efe6f63
rulenr 216
seq 1680107980:1680108024
src 192.168.150.205
srcport 59690
subrulenr
tcpflags PA
tcpopts
tos 0x10
ttl 64
urp 501


I just cannot find the reason for the TCP PA.
Why does the state table keep dropping these connections?
Where can I look for problems?

Kind regards,

It looks like when I set "Firewall Optimization" to "conservative", the ssh connection is a lot more stable.
How can I investigate this issue any further?
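A practical way to investigate an entry like the one above is to separate blocked packets that are genuine new connection attempts (SYN) from blocked packets that belong to an established flow but found no state in pf (ACK/PSH/FIN without SYN). The second kind means the state entry for the flow is gone, which points at the state table (timeouts, the optimization setting) rather than at the rule set. The script below is an added example, not code from the original post or from OPNsense: it parses entries in the field-per-line layout shown in the post and flags blocked mid-stream packets, especially when the same 5-tuple was passed earlier in the log. The sample log text is constructed for the example; the rule label "allow LAN to anywhere", the pass entry and the 10.0.0.9 client are assumptions, only the blocked PA entry mirrors the one quoted above.

```python
"""Classify OPNsense/pf filter-log entries to spot state-table loss.

Added example, not from the original post. The input format mirrors the
field-per-line view OPNsense shows for a single log entry; entries are
separated by a blank line. Values in [brackets] are unwrapped.
"""
from collections import Counter

# Constructed sample: one passed SYN, one blocked PSH/ACK for the same flow
# (the symptom from the post), and one blocked SYN from an unrelated client.
SAMPLE_LOG = """\
__timestamp__ 2023-05-14T11:30:12
action [pass]
dir [in]
dst 192.168.144.222
dstport 22
interface_name lan
label allow LAN to anywhere
protoname tcp
src 192.168.150.205
srcport 59690
tcpflags S

__timestamp__ 2023-05-14T11:31:19
action [block]
dir [in]
dst 192.168.144.222
dstport 22
interface_name lan
label Reject LAN net @anywhere
protoname tcp
src 192.168.150.205
srcport 59690
tcpflags PA

__timestamp__ 2023-05-14T11:31:40
action [block]
dir [in]
dst 192.168.144.222
dstport 443
interface_name lan
label Reject LAN net @anywhere
protoname tcp
src 10.0.0.9
srcport 40001
tcpflags S
"""


def parse_entries(text):
    """Split the field-per-line text into a list of dicts, one per entry."""
    entries, current = [], {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            if current:
                entries.append(current)
                current = {}
            continue
        key, _, value = line.partition(" ")
        current[key] = value.strip().strip("[]")   # "[block]" -> "block"
    if current:
        entries.append(current)
    return entries


def flow_key(entry):
    """5-tuple identifying the flow an entry belongs to."""
    return tuple(entry.get(k, "") for k in ("src", "srcport", "dst", "dstport", "protoname"))


def classify(entries):
    """Return (timestamp, flow, tcpflags, verdict) for every blocked entry.

    A blocked TCP packet without the SYN flag never tried to open a
    connection: pf looked for an existing state, found none, and fell
    through to the rule set. That is the signature of an expired or
    lost state, not of a policy decision about a new connection.
    """
    passed_flows = set()
    findings = []
    for entry in entries:
        flow = flow_key(entry)
        action = entry.get("action")
        if action == "pass":
            passed_flows.add(flow)
            continue
        if action != "block":
            continue
        flags = entry.get("tcpflags", "")
        if entry.get("protoname") == "tcp" and "S" not in flags:
            verdict = "mid-stream packet blocked: no matching state"
            if flow in passed_flows:
                verdict += " (flow was passed earlier: state expired or lost)"
        else:
            verdict = "new connection denied by policy"
        findings.append((entry.get("__timestamp__", ""), flow, flags, verdict))
    return findings


def summarize(findings):
    """Count verdicts so a long log reduces to a quick overview."""
    return Counter(verdict.split(":")[0] for _, _, _, verdict in findings)


if __name__ == "__main__":
    results = classify(parse_entries(SAMPLE_LOG))
    for ts, flow, flags, verdict in results:
        print(ts, flow, flags, "->", verdict)
    print(summarize(results))
```

If most blocked entries fall into the "mid-stream" bucket for flows that were passed a short time earlier, the next things to look at are the pf timeouts in effect (`pfctl -s timeouts` on the firewall) and whether the state for that 5-tuple is still present while the connection is alive (`pfctl -s state | grep 192.168.144.222`). The "conservative" optimization profile in pf uses much longer timeouts than "normal", which matches the observation that ssh survives longer with that setting. One caveat for this topology: with two separate WireGuard hosts, check that both directions of the traffic traverse the same OPNsense interface; if pf sees only one direction, the state can be created but never fully established and will time out early even with generous timeouts.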