Topic: Simple firewall rule(I guess)

epema
Simple firewall rule(I guess)
« on: June 19, 2012, 05:40:23 am »
Hello guys!

Here is a quick explanation of my situation:
192.168.1.1 (LAN) = MyPfSense = (WAN) 10.1.1.2
cisco gateway = 10.1.1.1
server = 10.1.1.3

From my LAN I cannot access 10.1.1.3:88, but I can access 10.1.1.3:80.

I'm guessing if the problem is on the firewall or the Squid which is running on 8080 (not transparent).

Some hint please :)

podilarius
Re: Simple firewall rule(I guess)
« Reply #1 on: June 19, 2012, 07:39:30 am »
Port 88 is not a standard port, what do you have running on it? If you disable squid, can you access it? Have you changed the outbound NAT settings? Do you see a block in the firewall log? If you monitor tcpdump at the server, can you see the packets arriving? If you can, look at the tcpdump on the WAN interface of pfSense to see if you see the returns.

epema
Re: Simple firewall rule(I guess)
« Reply #2 on: June 20, 2012, 12:29:53 am »
Thanks for the reply :)

- I have a squid error showing up saying not permitted.
- I don't see a block in the firewall log.
- Monitoring tcpdump, I cannot see packets on the external and internal interfaces.
- I haven't changed the outbound NAT settings.. should I add something?

About disabling squid.. how can I access the internet if I disable squid?

So... problem is Squid?

epema
Re: Simple firewall rule(I guess)
« Reply #3 on: June 20, 2012, 01:09:57 am »
I added 88 in acl safeports in squid. And it worked.
Stupid I am..

Thanks anyways! :)
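
Added example (not part of the thread or of pfSense/Squid code): a small checker showing why a proxied request to port 80 passes while port 88 gets "not permitted" until it is added to the port ACL. The ACL name `safeports` follows the post (stock squid.conf names it `Safe_ports`); the sample config and the helper names are constructed for illustration.

```python
import re

# Constructed sample config, not taken from the poster's system.
SAMPLE_CONF = """\
acl safeports port 80 21 443 70 210    # http ftp https gopher wais
acl safeports port 1025-65535          # unregistered ports
acl safeports port 280 488 591 777
http_access deny !safeports
http_access allow localnet
"""

def _tokens(raw):
    """Split one config line into words, dropping any trailing comment."""
    return raw.split("#", 1)[0].split()

def parse_port_acl(conf, name):
    """Return the (low, high) port ranges declared for the port ACL `name`."""
    ranges = []
    for raw in conf.splitlines():
        words = _tokens(raw)
        if len(words) < 4 or words[:3] != ["acl", name, "port"]:
            continue
        for tok in words[3:]:
            m = re.fullmatch(r"(\d+)(?:-(\d+))?", tok)
            if m:
                low = int(m.group(1))
                ranges.append((low, int(m.group(2) or low)))
    return ranges

def denies_unlisted(conf, name):
    """True if the config contains an `http_access deny !name` rule."""
    return any(
        w[:2] == ["http_access", "deny"] and "!" + name in w[2:]
        for w in map(_tokens, conf.splitlines())
    )

def port_allowed(conf, name, port):
    """Would this one ACL rule let a request to `port` through?

    Simplification: only the `deny !name` rule is modelled; other
    http_access rules and their ordering are ignored.
    """
    if not denies_unlisted(conf, name):
        return True
    return any(lo <= port <= hi for lo, hi in parse_port_acl(conf, name))

if __name__ == "__main__":
    for p in (80, 88, 8080):
        print(p, "allowed" if port_allowed(SAMPLE_CONF, "safeports", p) else "denied")
```

Because the proxy refuses the request itself, nothing is forwarded and the firewall has nothing to block, which matches the empty firewall log and the tcpdump showing no packets reported above.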