Firewall – pfSense can’t access https website


I have just installed pfSense on a PC Engines APU1D4 to evaluate it as an alternative to a Soekris 5501 + OpenBSD based setup. I have a PPPoE WAN configuration.

The pf rules, NAT and PPPoE configurations appear to be the same as my OpenBSD box, but some websites, such as twitter.com, fail to load.
I thought it might be to do with the WAN MTU. I've tried changing this to 1492 and 1452 but it makes no difference. I've also followed all the suggestions here to no avail:
https://doc.pfsense.org/index.php/Unable_to_Access_Some_Websites

Packet capture of entire conversation here:
https://dl.dropboxusercontent.com/u/249827/packetcapture-twitter-wan.cap
https://dl.dropboxusercontent.com/u/249827/packetcapture-twitter-lan.cap

Any ideas what could be going on?

Best Answer

Not getting far enough to be MTU-related. You're sending a SYN, getting a SYN ACK in reply, then RSTing the connection rather than completing the TCP handshake. Something is aborting the connection. That's an unusual circumstance; nothing about that suggests a specific cause. Looks like that capture reference point is your WAN; try the same on LAN to see where the RST is being initiated.
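
The check the answer describes (SYN, SYN/ACK, then RST instead of the final ACK, and which side sent the RST) can be run over a capture file. The script below is an added example, not part of the original answer; it assumes a classic little-endian pcap with Ethernet-framed IPv4, and the function names and sample addresses are constructed for illustration.

```python
import struct

def frame(src, dst, sport, dport, flags, ttl):
    """Constructed Ethernet/IPv4/TCP frame (zero MACs and checksums) for the sample."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, ttl, 6, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, flags, 65535, 0, 0)
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp

def pcap_file(frames):
    """Wrap frames in a classic little-endian pcap, linktype 1 (Ethernet)."""
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return hdr + b"".join(struct.pack("<IIII", i, 0, len(f), len(f)) + f
                          for i, f in enumerate(frames))

def aborted_handshakes(pcap):
    """Return (client, server, rst_sender, rst_ttl) per SYN -> SYN/ACK -> RST flow."""
    magic, link = struct.unpack_from("<I", pcap)[0], struct.unpack_from("<I", pcap, 20)[0]
    if magic != 0xA1B2C3D4 or link != 1:
        raise ValueError("expected little-endian classic pcap with Ethernet framing")
    state, found, off = {}, [], 24
    while off + 16 <= len(pcap):
        caplen = struct.unpack_from("<I", pcap, off + 8)[0]
        pkt, off = pcap[off + 16:off + 16 + caplen], off + 16 + caplen
        if len(pkt) < 34 or pkt[12:14] != b"\x08\x00" or pkt[23] != 6 \
                or len(pkt) < (tcp_off := 14 + (pkt[14] & 0x0F) * 4) + 14:
            continue  # only IPv4/TCP with a readable TCP header is analysed
        src, dst = (".".join(map(str, pkt[o:o + 4])) for o in (26, 30))
        sport, dport = struct.unpack_from("!HH", pkt, tcp_off)
        a, b, flags = (src, sport), (dst, dport), pkt[tcp_off + 13]
        syn, rst, ack = flags & 0x02, flags & 0x04, flags & 0x10
        if syn and not ack:
            state[(a, b)] = "syn"                 # client opened the flow
        elif syn and ack and state.get((b, a)) == "syn":
            state[(b, a)] = "synack"              # server answered
        elif rst:
            key = (a, b) if (a, b) in state else (b, a)
            if state.pop(key, None) == "synack":  # reset before the final ACK
                found.append((key[0][0], key[1][0], src, pkt[22]))
        elif ack and state.get((a, b)) == "synack":
            del state[(a, b)]                     # handshake completed normally
    return found

C, S1, S2 = "192.168.1.10", "203.0.113.5", "203.0.113.9"  # constructed addresses
SAMPLE = pcap_file([
    frame(C, S1, 50000, 443, 0x02, 64), frame(S1, C, 443, 50000, 0x12, 52),
    frame(C, S1, 50000, 443, 0x04, 64),                      # RST instead of ACK
    frame(C, S2, 50001, 443, 0x02, 64), frame(S2, C, 443, 50001, 0x12, 52),
    frame(C, S2, 50001, 443, 0x10, 64), frame(C, S2, 50001, 443, 0x14, 64)])
print(aborted_handshakes(SAMPLE))
```

Running it over both the LAN-side and WAN-side captures shows whether the RST is already present on the LAN or first appears on the WAN. The reported TTL can be compared with other packets from the same address to judge whether that host or a device in the path generated the reset.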