[pfSense Support] Carp FW Rules?
Good Afternoon I have configured 2 IP virtual in virtual IP as Carp mode. I configure the necessary ports in the Nat options for the services that desire to use. In the Internet side all services function ok however I cannot connect to this IP´s for my internal net (LAN) the Firewall logs accuses the following blocks: Jan 31 15:56:08 pf: 2. 439592 rule 527/0(match): block out on carp0: (tos 0x10, ttl 64, id 24317, offset 0, flags [DF], proto: TCP (6), length: 44) 189.2.203.20.56845 189.2.203.19.80: S, cksum 0x330e (correct), 51016579:51016579(0) win 0 mss 1460 Jan 31 15:56:10 pf: 2. 560566 rule 527/0(match): block out on carp0: (tos 0x10, ttl 64, id 1182, offset 0, flags [DF], proto: TCP (6), length: 44) 189.2.203.20.51379 189.2.203.19.80: S, cksum 0x9f8a (correct), 52143:52143(0) win 0 mss 1460 Jan 31 15:56:13 pf: 2. 440578 rule 527/0(match): block out on carp0: (tos 0x10, ttl 64, id 31284, offset 0, flags [DF], proto: TCP (6), length: 44) 189.2.203.20.58885 189.2.203.19.80: S, cksum 0x2b16 (correct), 51016579:51016579(0) win 0 mss 1460 Jan 31 15:56:15 pf: 2. 559579 rule 527/0(match): block out on carp0: (tos 0x10, ttl 64, id 21814, offset 0, flags [DF], proto: TCP (6), length: 44) 189.2.203.20.61750 189.2.203.19.80: S, cksum 0x7707 (correct), 52143:52143(0) win 0 mss 1460 How I can configure to allow conections in that interfaces?? -- - = - = - = - = - = - = - = - = - = - . Of course it runs William David Armstrong |== Bio Systems Security Networking ' FreeBSD MSN / GT biosystems gmail . com -- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Carp FW Rules?
On 1/31/08, William Armstrong [EMAIL PROTECTED] wrote: Good Afternoon I have configured 2 IP virtual in virtual IP as Carp mode. I configure the necessary ports in the Nat options for the services that desire to use. In the Internet side all services function ok however I cannot connect to this IP´s for my internal net (LAN) the Firewall logs accuses the following blocks: Jan 31 15:56:08 pf: 2. 439592 rule 527/0(match): block out on carp0: (tos 0x10, ttl 64, id 24317, offset 0, flags [DF], proto: TCP (6), length: 44) 189.2.203.20.56845 189.2.203.19.80: S, cksum 0x330e (correct), 51016579:51016579(0) win 0 mss 1460 Jan 31 15:56:10 pf: 2. 560566 rule 527/0(match): block out on carp0: (tos 0x10, ttl 64, id 1182, offset 0, flags [DF], proto: TCP (6), length: 44) 189.2.203.20.51379 189.2.203.19.80: S, cksum 0x9f8a (correct), 52143:52143(0) win 0 mss 1460 Jan 31 15:56:13 pf: 2. 440578 rule 527/0(match): block out on carp0: (tos 0x10, ttl 64, id 31284, offset 0, flags [DF], proto: TCP (6), length: 44) 189.2.203.20.58885 189.2.203.19.80: S, cksum 0x2b16 (correct), 51016579:51016579(0) win 0 mss 1460 Jan 31 15:56:15 pf: 2. 559579 rule 527/0(match): block out on carp0: (tos 0x10, ttl 64, id 21814, offset 0, flags [DF], proto: TCP (6), length: 44) 189.2.203.20.61750 189.2.203.19.80: S, cksum 0x7707 (correct), 52143:52143(0) win 0 mss 1460 How I can configure to allow conections in that interfaces?? System - Advanced - Reflection Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Carp FW Rules?
Thanks a lot. I´ts works now. []´s. -- - = - = - = - = - = - = - = - = - = - . Of course it runs William David Armstrong |== Bio Systems Security Networking ' FreeBSD MSN / GT biosystems gmail . com -- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]