Help with "Default deny rule"

Started by dison4linux, August 20, 2019, 10:28:47 PM

Greetings,
I've seen some other posts along the same subject here on the forums but I haven't been able to take what's been discussed there and turn that into a solution for my case.
I have two routed VLANs (71 & 77) with OPNsense as the gateway between the two VLANs.
For simplicity I have created allow any rules for each interface.
     Firewall > Rules > 71 >
          Pass | IPv4* | Source: 71-Net | * | * | * | * | *
     Firewall > Rules > 77 >
          Pass | IPv4* | Source: 77-Net | * | * | * | * | *
For the most part, traffic flows from hosts in each VLAN to hosts in the opposite VLAN, but for some reason NFS traffic is regularly blocked between the two subnets, and the rule name it gives is "Default deny rule".

filterlog: 19,,,0,em1_vlan77,match,block,in,4,0x0,,64,38995,0,DF,6,tcp,40,10.0.77.10,10.0.71.16,1001,2049,0,A,,3500742655,512,,
filterlog: 19,,,0,em1_vlan77,match,block,in,4,0x0,,64,40072,0,DF,6,tcp,40,10.0.77.9,10.0.71.16,917,2049,0,R,2135877012,,0,,


Looking for some guidance as to why those allow any rules aren't always allowing NFS (2049/TCP) traffic.

Thanks,
Jon
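
A way to read the two filterlog lines quoted in the post, as an added example that is not part of the original post: it splits each entry into named fields and reports blocked TCP segments that carry no SYN flag. The field names are labels chosen here, and the field order is an assumption based on the pf filterlog CSV layout for IPv4 TCP entries, checked against the two lines above.

```python
import csv

# Field order is an assumption (pf filterlog CSV layout, IPv4 + TCP);
# the names are labels chosen for this example.
COMMON = ["rule", "subrule", "anchor", "rid", "iface", "reason", "action", "dir", "ipver"]
IPV4 = ["tos", "ecn", "ttl", "id", "offset", "ipflags", "protonum", "proto",
        "length", "src", "dst"]
TCP = ["sport", "dport", "datalen", "tcpflags", "seq", "ack", "window", "urg",
       "options"]

# The two log lines from the post, copied verbatim.
SAMPLE = [
    "filterlog: 19,,,0,em1_vlan77,match,block,in,4,0x0,,64,38995,0,DF,6,tcp,40,10.0.77.10,10.0.71.16,1001,2049,0,A,,3500742655,512,,",
    "filterlog: 19,,,0,em1_vlan77,match,block,in,4,0x0,,64,40072,0,DF,6,tcp,40,10.0.77.9,10.0.71.16,917,2049,0,R,2135877012,,0,,",
]

def parse(line):
    """Return a dict for an IPv4 TCP filterlog entry, or None for anything else."""
    payload = line.split("filterlog:", 1)[-1].strip()
    fields = next(csv.reader([payload]))
    rec = dict(zip(COMMON, fields))
    if rec.get("ipver") != "4":
        return None
    rest = fields[len(COMMON):]
    rec.update(zip(IPV4, rest))
    if rec.get("proto") != "tcp":
        return None
    rec.update(zip(TCP, rest[len(IPV4):]))
    return rec

def blocked_without_syn(rec):
    """True for a blocked TCP segment whose flags do not include SYN.

    By default pf creates state for a TCP pass rule on the initial SYN only, so a
    later segment (ACK, RST, FIN) with no matching state entry cannot match the
    pass rule and is logged against the default deny rule instead.
    """
    return rec["action"] == "block" and "S" not in rec["tcpflags"]

def summarize(lines):
    """List (iface, src, sport, dst, dport, tcpflags) for each such segment."""
    recs = [r for r in map(parse, lines) if r]
    return [(r["iface"], r["src"], r["sport"], r["dst"], r["dport"], r["tcpflags"])
            for r in recs if blocked_without_syn(r)]

if __name__ == "__main__":
    for row in summarize(SAMPLE):
        print("blocked non-SYN segment: %s %s:%s -> %s:%s flags=%s" % row)
```
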