Hello,
A bit of an amateur question. I'm newer to network security, especially firewalls, and still trying to grasp how everything works. Was wondering how to troubleshoot issues when the firewall is clearly blocking traffic but I'm not sure what ports to open.
I've recently installed an XG series firewall on my network. Two applications have stopped working for me since then: Plex, which is a video streaming service (I'm not hosting it myself, I'm reaching out to a friend's device over WAN for media they create), and an OpenVPN service I'm subscribed to. They have previously worked without issue, and I've tried them when they're not behind the firewall, no issues. Checked Rulz #1; all I'm seeing is that Firewall rule 0 is dropping connections for the reason "Could not associate packet to any connection." I can narrow it down to the firewall policies because when I set a blanket LAN/WAN to WAN/LAN rule allowing all communication from any host, the applications resume functionality.
Guess my question is from a learning perspective, since I'll probably run into similar issues down the road: how would you troubleshoot and figure out which firewall rules to create/apply to your network for individual applications? I tried Wireshark and checked the XG logs while trying to reconnect those applications. Getting a lot of denials for a range of ports and sometimes multiple IP addresses (although most of the time the source port remains the same).
Thanks in advance!