Hi,
Please forgive me if this is slightly off topic, but the synergy is strong...
I have a KVM server running Debian 9.2.
There are two guests, one straight FreeBSD 11.1, the other pfSense 2.4.2 (also FreeBSD 11.1).
The KVM server has a NIC on the local LAN, and it's got a software bridge (br0) to allow the server and all the guests to communicate with each other on the LAN.
The pfSense firewall is working fine for all LAN resident clients not associated with the bridge on the KVM server. For the KVM server and the straight FreeBSD 11.1 system only, I can see TCP connections to the Internet start with a SYN packet out the default gateway, enter the pfSense firewall via the bridge, and be re-transmitted out the WAN. Then I see several re-transmissions of the SYN packet before the connection times out. The expected SYN/ACK response never arrives. NAT (or masquerading) appears to be not working for hosts connected to the bridge.
Anyone seen this with pfSense on Proxmox?
Thanks,
Please forgive me if this is slightly off topic, but the synergy is strong...
I have a KVM server running Debian 9.2.
There are two guests, one straight FreeBSD 11.1, the other pfSense 2.4.2 (also FreeBSD 11.1).
The KVM server has a NIC on the local LAN, and it's got a software bridge (br0) to allow the server and all the guests to communicate with each other on the LAN.
The pfSense firewall is working fine for all LAN resident clients not associated with the bridge on the KVM server. For the KVM server and the straight FreeBSD 11.1 system only, I can see TCP connections to the Internet start with a SYN packet out the default gateway, enter the pfSense firewall via the bridge, and be re-transmitted out the WAN. Then I see several re-transmissions of the SYN packet before the connection times out. The expected SYN/ACK response never arrives. NAT (or masquerading) appears to be not working for hosts connected to the bridge.
Anyone seen this with pfSense on Proxmox?
Thanks,