You should probably test again, tell us exactly what you are doing, and use full output from the packet capture page and post it up. Again, capturing on the OpenVPN interface will show you what is coming over OpenVPN. If you are capturing on WAN and seeing that, that is what is coming into WAN; the firewall cannot generate traffic that comes into an interface. The only difference is the PPPOE / VLAN WAN interface said in OpenVPN, AirVPN and port forwarding no longer works (2.4.4relp2): I know the NAT and firewall rules are sane, and known to work. Ok, that is also a theory, but I need some help to track / log this behavior. Or you are doing something strange like forwarding that inbound connection out your WAN and misreading the WAN pcap source address as the destination. What do you suggest I try to diagnose this correctly? pfSense / openvpn on my side is doing something unexpected. I opened a ticket with AirVPN, and through their own testing, this is what I see packet wise. This is a new situation - pppoe with vlan tagging. But every test I run through it, indicates that pfSense is doing something unusual with packet headers. There is no way that that test could result in the connection to 63995 arriving on your WAN unless the AirVPN tester is completely broken and they are connecting to your WAN address instead. I have not been able to find any listed bug or issues. Any suggestions? I'll gladly share any config to get this said in OpenVPN, AirVPN and port forwarding no longer works (2.4.4relp2): I expect others have a similar setup at home for privacy. I relied heavily on this how-to for the pfSense / AirVPN setup: Is there a way, GUI or SSH wise to really determine the root cause? I can reconnect the Bell home hub 3000 in bridge mode and re-test it all. My instinct tells me it is not a bug with the new version of pfSense, but rather the need for a vlan tagged / pppoe interface that is causing a routing/forwarding issue with pfSense. 
It is as if pfSense or OpenVPN is misclassifying inbound packets, if the firewall logs are right, or else normal behavior as they traverse the BELL_WAN PPPoE interface? Strangely enough, I see port forward packets hitting the BELL_WAN interface with the port forward testing in the firewall logs - which shouldn't happen (should be the AirVPN interface). I did some packet captures, and see some packets come in, but nothing else. I also updated from 2.4.? to 2.4.4 recently (without paying attention if port forwarding worked or not). Default gateway is set, outbound NAT works, Firewall rules were adjusted. On the pfSense side of things, a new interface was created to do VLAN 35, and PPPoE. I use a media converter SFP/RJ45 (To avoid using their Home Hub 3000). What changed? My ISP is now Bell FTTH (Fiber 1 Gbps service). Firewalls are good, the NAT rules appear fine as well. The inbound port forwarding is simply not working. OpenVPN connects to AirVPN without issue, and sure enough - no issues outbound. I have a setup with my pfSense router - that has been working for a long time (a known good configuration).