Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
22.1 Legacy Series
»
[Firewall] Configuring allow all in/out on a WAN interface
« previous
next »
Print
Pages: [
1
]
Author
Topic: [Firewall] Configuring allow all in/out on a WAN interface (Read 997 times)
breisbrenny
Newbie
Posts: 5
Karma: 0
[Firewall] Configuring allow all in/out on a WAN interface
«
on:
February 22, 2022, 05:19:05 pm »
Hi there,
We have a customer traffic network which should allow all WAN traffic in/out directly to the machines!
There is no NAT on this network, the subnet goes straight upstream and the machines are connected directly to this WAN with a public IP address.
The default deny rule, although we have Allow all in/out to WANCustomer set, keeps stopping TCP/UDP (but oddly not ICMP) traffic from hitting the servers.
Any ideas on how we can figure out why the allow rule is being ignored/manually set a default deny rule on other interfaces and remove the floating one?
Logged
breisbrenny
Newbie
Posts: 5
Karma: 0
Re: [Firewall] Configuring allow all in/out on a WAN interface
«
Reply #1 on:
February 22, 2022, 05:29:04 pm »
Picture of default deny hitting attached
Logged
breisbrenny
Newbie
Posts: 5
Karma: 0
Re: [Firewall] Configuring allow all in/out on a WAN interface
«
Reply #2 on:
February 22, 2022, 06:15:03 pm »
Update!
We've figured out UDP + ICMP pass without an issue, the default deny rule is only catching TCP packets although there is a rule in-spec to allow the traffic!
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
22.1 Legacy Series
»
[Firewall] Configuring allow all in/out on a WAN interface