Confused

Started by andrew0401, September 20, 2023, 04:46:41 PM

Looking to migrate from pfSense to OPNsense - primarily for the mail filtering and other functionality - think I have a firewall setup problem but might be due to approaching it from a pfSense view of how to set things up?

Network

Have a simple (?) EE-supplied router/modem and looking to insert OPNsense between it and the local LAN (very small, 5 clients, couple of servers - email, VPN...) to exactly replace pfSense.

Set up the VPN and email filtering, put another client onto the network between the modem and OPNsense and it shows all ports closed - pfSense shows the relevant ports as open. If I disable the firewall, OPNsense shows the open ports correctly - rules are basically copied from pfSense.

Suspect I have missed something bl..dy obvious or a key difference between pfSense and OPNsense - any clues on where to start much appreciated.

Thanks

Might be caused by default reply-to behaviour. Did you try testing from the Internet instead of the WAN subnet?

Cheers
Maurice
OPNsense virtual machine images
OPNsense aarch64 firmware repository

Commercial support & engineering available. PM for details (en / de).

Tried from internet as well as WAN subnet - no ports seem to be open on the WAN side - even tried with a pass everything rule and no luck.

Am wondering if I have missed something in the change from pfSense to OPNsense with regards to the rules - pfSense does not have all these default rules (why they include IPv6 when I have disabled IPv6??)
Modified the pass rule to log TCP/25 - it is being passed by the firewall but not received by postfix - postfix listening to all IPs and responds correctly from the LAN interface. So I have missed something linking WAN traffic to postfix?

If I turn the firewall off then the port on the WAN is visible and postfix responds as expected - but I lose the other protection....

Must be something in the rules

Totally confused.

Changed WAN from DHCP from the modem to a fixed IP - and it works perfectly.