Bug #1813: Static routes on WAN interfaces overridden by route-to for firewall-initiated traffic - pfSense - pfSense bugtracker

Actions

Copy link

Bug #1813

open

Static routes on WAN interfaces overridden by route-to for firewall-initiated traffic

Added by Chris Buechler over 13 years ago. Updated about 8 years ago.

Status:

Confirmed

Priority:

Normal

Assignee:

Category:

Rules / NAT

Target version:

Start date:

08/22/2011

Due date:

% Done:

Estimated time:

Plus Target Version:

Release Notes:

Affected Version:

All

Affected Architecture:

Description

the 'pass out' rules such as:

pass out route-to ( em1 9.2.2.1 ) from 9.2.3.17 to !9.2.2.0/21 keep state allow-opts label "let out anything from firewall host itself"

Break connectivity from the firewall itself to any networks reachable via a static route on a WAN for traffic initiated from the firewall itself.

For example if you add a static route in the above scenario pointing 1.0.0.0/24 to 9.2.3.20, traffic initiated from the firewall to that destination will go to 9.2.2.1, not 9.2.3.20.

History
Notes
Property changes
Associated revisions

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense

Custom queries

Bug #1813

Static routes on WAN interfaces overridden by route-to for firewall-initiated traffic

Updated by Chris Buechler over 13 years ago

Updated by Chris Buechler over 13 years ago

Updated by Jim Thompson about 8 years ago

Updated by Jim Pingle about 8 years ago