Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
21.1 Legacy Series
»
default deny rule matchs, and ignores wan rule
« previous
next »
Print
Pages: [
1
]
Author
Topic: default deny rule matchs, and ignores wan rule (Read 1498 times)
Beleggrodion
Newbie
Posts: 14
Karma: 1
default deny rule matchs, and ignores wan rule
«
on:
July 01, 2021, 11:35:24 am »
I have a strange issue on one of our firewalls. i found some nearly similar threads here in the forum, but the solutions their don't work. But it looks like a double-nat asynchronious routing problem, but im'm not the expert here.
On the router of the provider, i had a port forwarding for ipsec and also https and ssh. (no source ip restrictions possible)
On the firewall i have the rule to allow all traffic from the source ip of our office to the wan interface.
But when i try to connect from the office, the "default deny" rule matches and the traffic is dropped.
I tried with the advanced setting of the rule and the state type "sloppy" and "none" but this don't have any effect.
Internet <=> Provider Router, 192.168.1.1 <=> OPNsense Firewall 192.168.1.128
All IP's are fixed. Netstat on the firewall told me the following: (The ip's i x-ed are vpn ipsec networks, which currently also not work, the 192.168.9.0 net is the guest wlan)
Internet:
Destination Gateway Flags Netif Expire
default 192.168.1.1 UGS igb0
10.x.x.x/24 192.168.1.1 US igb0
127.0.0.1 link#5 UH lo0
172.21.9.0/24 link#2 U igb1
172.21.9.1 link#2 UHS lo0
172.27.x.x/16 192.168.1.1 US igb0
192.168.1.0/24 link#1 U igb0
192.168.1.128 link#1 UHS lo0
192.168.x.0/24 192.168.1.1 US igb0
192.168.9.0/25 link#8 U igb1_vla
192.168.9.1 link#8 UHS lo0
A i was onsite to install the firewall on monday's the connections worked, but now not anymore without a change (until now which i tried with sloppy, and so on).
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
21.1 Legacy Series
»
default deny rule matchs, and ignores wan rule