Here’s an unsolicited testimonial for a BSD-based company. My employer recently bought some of the assets of another company, in another state. I showed up not sure exactly what I’d encounter, since the facility had never had anything better than out-of-state IT support via phone, and there had been very little time to plan.
The facility had 3 different network gateway devices from varying manufacturers, all old, and mostly dead. The one working ancient Linksys small business gateway wasn’t physically able to work the way I wanted for extending our corporate network. So, in a mild panic, I grabbed one of the defunct machines there and installed pfSense – a FreeBSD-based firewall/gateway solution, for those who aren’t familiar with it. This is not unlike Michael W. Lucas’s BSD Origin Story.
It worked wonderfully. It was very easy to configure. I had exactly one problem: certain protocols like RDP would drop every few minutes. I bought the basic support tier for pfSense – and had a working answer immediately. Even with the support purchase, this has been cheaper and less work than purchasing the Cisco equipment my workplace normally uses.
Thanks for the testimonial, Justin. Much appreciated!
You paid for the answer. You might as well share it. :)
Nunya – Here was the answer:
“That sounds like what can happen when you have asymmetric routing and only part of the traffic is hitting pfSense. The way around that is to make it such that the traffic that is routed that way doesn’t get checked against the state table in quite the same manner.
If you go under System > Advanced on the Firewall/NAT tab, *check* “Bypass firewall rules for traffic on the same interface” and then Save. New connections made after that change takes effect (Usually ~10-20 seconds after applying the setting) should then start functioning correctly.”
It was effectively a “check this box to make it all better” scenario, which is the best scenario when I can’t find the cause myself.