And remember- anytime you click "Save" on the pfblocker screen it will move its rules back to the top on the firewall page.

Put your outgoing rules (to block) first for each interface.


In my example below- the public interface is blocked from seeing the LAN interface (plus a couple of other public subnets) before the allow all rule.


public net and 192.168.15.0/24 are the same.

Move that rule to the top of the rule list before the pfblocker rules. If you resave pfblocker you will have to remover your rule to before as the resave will move the pfblocker rules back to the top.

When I talked of other options I meant the ISP btw...

But no- I looked at their website a couple of years ago but thats as far as I went.


My belief is that Olypen needs to do something on their end, but as this is new to them Im not sure it will happen quickly.

Im curious what change they made that messed things up and may go down to their office today if I get time.

I am sure but not positive that there isn't anything on my network trying to connect out. If there was, wouldn't the firewall allow the connection and not block it?

Dynamic DNS hostname sounds very plausible. I will disable that and force a IP address renew and reply back.

Not sure what Femtocells are. I will look them up.

Yes the firewall would allow it if the connection was initiated from inside.

Femtocells are great when you need them. Verizon Wireless calls it a network extender.

My belief is that someone has a misconfigured  device pointed at you.   

Those Cellphone Femtocells connect via port 4500 (but usually the IP is from a cell carriers block of IP's).

Thanks for the info. 

As of now I am still down and need to explore other options I suppose.

Have you used any other mlppp capable device that continued to work when a line went down?

No.

I need to try but Im going off users comments such as Tomato en such.


The site is a remote one at this point and I can't reach the firewall at all.

Olypen broke me also this last week.   

I tried lowering the MTU on my computer here to access the network but it didn't work. Still testing however.


This is an issue though.   MLPPP is supposed to work fine when reduced to one line.

Why not pass all traffic through the router and let pfSense do all the routing? Is there a reason why you cannot so this?

Or even take the dlink out completely?

But-   are you pointing the forwarded traffic out of the dlink to the pfsense box?

My UPS shows the data room here hovering around 490watts. 

Glad its been a mild couple of months here otherwise the AC would be driving that number up a tad. 

Port 25 is still the server to server port. Its the ISP (client side) that blocks port 25.

Idea 1- Make destination ip any.

Idea 2- Try redirecting from port 587 (client) to port 26 (their server) if they really have it open.  You need to find out what its open to. 

The idea of an email server allowing connection to port 25 for anything else other than email coming from another server for delivery to its clients makes it sound like an open relay.

Wouldn't it be the client device/software behind your server that is doing the authentication to the server? If Im not missing something try port 587 out the door or even IMAP (146).

Unless your trying to get some program on the server (IDRAC6) to email out??...

The File Manager Package is also good for getting these files in place.   

Good luck man!

I am sorry, but I am not quite sure I am following here. The information requested is in the picture I created and attached. Or am I missing something?

Where I am testing from is usually from my cell phone (which I can confirm it worked before I switched to pfsense); but I have also tried from my employer's wifi (also used to work; fiber) and from my parent's cable modem connection. Also used to work.

I missed the pfsense version in the picture but the other information is not there.

You mention in your first post-

I have the exact same problem in m0n0wall.

I can tell you that I RDP all over the place into multiple systems that have a pfSense box out front as do many others here so even if something sounds the least bit remote its important to mention. There is obviously a problem with your config or equipment.

What is the model number of the modem you are using?

What kind of internet connection is this?  Im assuming DSL due to the PPPoe connection but other connection types also use PPPoe.

Did you go from router to bridge in your modem when you tried to add the firewall?

On your incoming firewall rule for RDP set it to log. (check box) and watch to see if your attempts show up.