0

I am in a dire situation. Our Exchange server disks have failed. I can still use the application as the OS disks are unaffected, and I need to do an emergency migration to Office 365.

We have an OpenBSD firewall in our office. I have managed to give the Exchange server web access, but it cannot create the hybrid setup because somewhere it is being blocked. I have little to no experience with this type of firewall, so I really need some help deciphering what is being blocked.

Here is the output. If anyone could help I will be eternally grateful.

Mar 15 20:56:45.442689 rule 2/(match) block in on vlan304: 10.*.*.*.20758 > 40.112.64.25.443: S 1092681546:1092681546(0) win 8192 <mss 1460,nop,wscale 8,nop,nop,sackOK> (DF)
Mar 15 20:56:45.941370 rule 2/(match) block in on vlan304: 10.*.*.*.20758 > 40.112.64.25.443: S 1092681546:1092681546(0) win 8192 <mss 1460,nop,wscale 8,nop,nop,sackOK> (DF)
Mar 15 20:56:46.456303 rule 2/(match) block in on vlan304: 10.*.*.*.20758 > 40.112.64.25.443: S 1092681546:1092681546(0) win 8192 <mss 1460,nop,nop,sackOK> (DF)

The port number on the internal IP goes up in sequence. The previous trace I ran started at port 58009 and, again, went up in sequence, so I am confused as to whether that is the issue. Port 443 traffic is already enabled (I think).

Bink
  • 193
  • 5

2 Answers

0

I recommend posting your entire pf.conf somewhere. Barring that, it appears “rule 2” is blocking traffic coming into vlan304. Allowing traffic coming into that VLAN to go to 40.112.64.25 on port 443 might resolve your issue.

Bink
  • 193
  • 5
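Added example, not part of either answer: a small parser for the pflog lines in the question that groups blocked packets by rule, interface, destination and port, and counts how many distinct connection attempts they represent (packets with the same source port and sequence number are repeats of one SYN). The names `summarize` and `SAMPLE` are hypothetical, and the fourth log line is constructed for illustration.

```python
import re
from collections import defaultdict

# Fields of a pflog line as tcpdump prints them in the question's output.
LINE = re.compile(
    r"rule (?P<rule>\d+)/\((?P<reason>\w+)\) (?P<action>block|pass) "
    r"(?P<dir>in|out) on (?P<iface>\S+): "
    r"(?P<src>\S+)\.(?P<sport>\d+) > (?P<dst>\S+)\.(?P<dport>\d+): "
    r"(?P<flags>\S+) (?P<seq>\d+):"
)

# Lines 1-3 are copied from the question; line 4 is constructed (new source port).
SAMPLE = """\
Mar 15 20:56:45.442689 rule 2/(match) block in on vlan304: 10.*.*.*.20758 > 40.112.64.25.443: S 1092681546:1092681546(0) win 8192 <mss 1460,nop,wscale 8,nop,nop,sackOK> (DF)
Mar 15 20:56:45.941370 rule 2/(match) block in on vlan304: 10.*.*.*.20758 > 40.112.64.25.443: S 1092681546:1092681546(0) win 8192 <mss 1460,nop,wscale 8,nop,nop,sackOK> (DF)
Mar 15 20:56:46.456303 rule 2/(match) block in on vlan304: 10.*.*.*.20758 > 40.112.64.25.443: S 1092681546:1092681546(0) win 8192 <mss 1460,nop,nop,sackOK> (DF)
Mar 15 20:56:50.100000 rule 2/(match) block in on vlan304: 10.*.*.*.20759 > 40.112.64.25.443: S 2000000001:2000000001(0) win 8192 <mss 1460,nop,wscale 8,nop,nop,sackOK> (DF)
"""


def summarize(log_text):
    """Map (rule, iface, direction, dst, dport) -> (packets, distinct attempts)."""
    flows = defaultdict(lambda: {"packets": 0, "attempts": set()})
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m or m["action"] != "block":
            continue  # not a blocked-packet line in the expected format
        key = (int(m["rule"]), m["iface"], m["dir"], m["dst"], int(m["dport"]))
        flows[key]["packets"] += 1
        # Same source port and same initial sequence number: one SYN, seen again.
        flows[key]["attempts"].add((m["sport"], m["seq"]))
    return {k: (v["packets"], len(v["attempts"])) for k, v in flows.items()}


if __name__ == "__main__":
    for (rule, iface, direction, dst, dport), (pkts, tries) in summarize(SAMPLE).items():
        print(f"rule {rule}: block {direction} on {iface} -> {dst}:{dport} "
              f"({pkts} packets, {tries} connection attempts)")
```

The grouping key deliberately leaves out the source port: it is chosen by the client per connection, so the fields that identify what is being blocked are the rule number, the interface and direction, and the destination address and port.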
0

If you're trying to see the active rules, try pfctl -sr or pfctl -sa for a more verbose output with more information. Additionally, you can post and read your /etc/pf.conf.

JBJ
  • 126
  • 1