> Can you send me .pcap file with this packet please? Once I saw similar > problem when IP header had additional options. The packet just did not > follow my rule and that is it! > Thanks. >
While capturing the packet for you, I discovered the problem. This traffic is asymmetrical. This packet is a syn/ack packet. Since the pfsense doesn't see the syn packet, I assume it blocks the packet when configured to keep state. Is there an easy pfsense solution for asymmetrical traffic? Is a solution to manually edit the pf rules file to allow the traffic out the bge0 interface? --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
