Bug #15814: Firewall State Policy of Interface Bound States doesn't work with WAN-Type WireGuard-Interface - pfSense - pfSense bugtracker

Actions

Copy link

Bug #15814

open

Firewall State Policy of Interface Bound States doesn't work with WAN-Type WireGuard-Interface

Added by Bob Dig 19 days ago. Updated 19 days ago.

Status:

New

Priority:

Normal

Assignee:

Category:

Rules / NAT

Target version:

Start date:

Due date:

% Done:

Estimated time:

Plus Target Version:

Release Notes:

Default

Affected Version:

2.7.2

Affected Architecture:

Description

A port-forward coming in to a WAN-Type WireGuard-Interface from one fully patched pfSense CE 2.7.2 to another isn't working, the original sender doesn't get an answer, if a Firewall State Policy of Interface Bound States is in use. It does work though if a Firewall State Policy of Floating States is in use.

pfSense Plus 24.03 isn't affected.

Please see this forum post.
https://forum.netgate.com/topic/190658/firewall-state-policy-floating-states-needed-but-why/5?_=1730538120306

Actions

Copy link

Updated by Bob Dig 19 days ago

Edit: SNAT is disabled between the two Peers in this S2S-VPN.

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense

Custom queries

Bug #15814

Firewall State Policy of Interface Bound States doesn't work with WAN-Type WireGuard-Interface

Updated by Bob Dig 19 days ago