
blocked connections from int_net -> fw -> int_net

Hello all...

Can anyone help me with this puzzle?

I have an rdr load-balancer to 2 internal servers. It works fine when I connect from the external world to the webservers ( -> -> {,}).

But if I try to connect from the internal net back to the webservers, I get a blocked connection ( -> -> {,}).

int_net = ""
gateway = ""
table <ext_ips> const {}
table <int_ips> persist {}
# translation
rdr on $ext_if proto tcp from any to <ext_ips> port {80 443} -> <int_ips> sticky-address
nat on $ext_if from $int_net -> ($ext_if:0)

# filter
pass in quick log on $ext_if proto tcp from any to <int_ips> port {80 443} flags S/SA keep state (max 2000)
pass out quick keep state
block in log quick on $ext_if