Hi,
I used Sensei in "Passive Mode" for monitoring my LAN interface. Akamai blocked all devices on this interface. (After choosing a VLAN, Akamai stopped blocking devices on the LAN interface.) Is there any way that I can monitor my LAN interface without getting the LAN devices blocked by Akamai?
Hi,
Sensei can not be blocked in Passive Mode. What do you see in the Live blocked Sessions Explorer (Reports - Blocks)?
https://en.wikipedia.org/wiki/Akamai_Technologies is a company. What has this company to do with your LAN devices?
Hi @almadovaris, actually nothing. We do not have any technical relationship with them. My best bet is that this is a configuration issue.
Hi,
@almodovaris: I was unable to open websites protected by Akamai, for example bild.de or support.microsoft.com.
@sy: I think Akamai identified Sensei as a proxy and blocked it. In Reports - Blocks, Sensei lists many ad-tracking stuff, but none blocked (-> Passive Mode).
Here is a traceroute from debugging:
# /usr/sbin/traceroute -w 2 -m '18' -s '192.168.6.1' 'bild.de'
traceroute: Warning: bild.de has multiple addresses; using 145.243.248.20
traceroute to bild.de (145.243.248.20) from 192.168.6.1, 18 hops max, 40 byte packets
1 ip5b42c5fe.dynamic.kabel-deutschland.de (91.66.197.254) 10.907 ms 12.475 ms 9.010 ms
2 ip5886d806.static.kabel-deutschland.de (88.134.216.6) 10.136 ms 9.135 ms 10.008 ms
3 ip5886c386.static.kabel-deutschland.de (88.134.195.134) 12.994 ms 14.181 ms 16.945 ms
4 145.254.3.56 (145.254.3.56) 22.026 ms 20.645 ms 17.985 ms
5 145.254.2.179 (145.254.2.179) 16.079 ms 17.001 ms 15.945 ms
6 akamai.prolexic.com (80.81.193.70) 16.006 ms 19.673 ms 18.946 ms
7 po110.bs-a.sech-fra.netarch.akamai.com (72.52.48.192) 16.036 ms 22.343 ms
po110.bs-b.sech-fra.netarch.akamai.com (72.52.48.200) 19.994 ms
8 a72-52-1-155.deploy.static.akamaitechnologies.com (72.52.1.155) 19.289 ms 18.733 ms 18.896 ms
9 ae121.access-a.sech-fra.netarch.akamai.com (72.52.48.205) 18.140 ms
ae120.access-a.sech-fra.netarch.akamai.com (72.52.48.197) 18.101 ms
ae121.access-a.sech-fra.netarch.akamai.com (72.52.48.205) 23.713 ms
10 a72-52-63-24.deploy.static.akamaitechnologies.com (72.52.63.24) 17.877 ms
a72-52-63-22.deploy.static.akamaitechnologies.com (72.52.63.22) 13.727 ms
a72-52-63-19.deploy.static.akamaitechnologies.com (72.52.63.19) 18.156 ms
11 a72-52-52-196.deploy.static.akamaitechnologies.com (72.52.52.196) 18.162 ms 18.747 ms
a209-200-162-40.deploy.static.akamaitechnologies.com (209.200.162.40) 19.967 ms
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
I added my LAN interface to Sensei again to reproduce the error, but now it seems to be working. I will try to reproduce it tomorrow.
@mb My first bet was a DNS issue. But DNS worked like a charm. Surfing in this forum and in the pfSense forum shows Unbound issues (https://forum.opnsense.org/index.php?topic=21894.msg103630#msg103630). But Unbound resolves the name and the tweak doesn't resolve the topic.
So? Maybe your IPs are blacklisted. Or it does not like GDPR countries.
I am using Sensei in blocking mode (moderate blocking and blocking ads apps and all free security choices), and I can open most websites, except those which ask me to disable my ad blocker.
Or maybe you're using an IP blocklist e.g. from SpamHaus. These work independently of Sensei.
Steps 15-30 from my traceroute to bild.de are lost in limbo. But I can open bilde.de with no problems.
Hi,
I checked for IP blacklisting at first, but there is no issue with my IP. I deactivated all blocking firewall rules for this interface and deactivated all DNSBLs, but the result was the same: all sites protected by Akamai were blocked.
After I removed the interface from the Sensei configuration, it started working immediately. After reassigning the interface to the Sensei configuration, it runs again without an issue. I will monitor this issue today and mark this topic as solved later if no new problems pop up.
At the moment I think that it was either technical problems on Akamai's side or that it was an OPNsense/Sensei driver issue and that removing and re-adding the interface initialized the interface again. But I don't know.
Happy that all is running at the moment ;)
One more question.....
If I am in Passive Mode, Sensei should not block anything ... ?
Or are normal OPNsense firewall rules included in the report?
I don't know if that's a Sensei topic, but at the moment no login on the previously blocked pages works.
I tried deactivating Passive Mode / activating blocking.
-> native netmap mode produces an error
-> generic network mode active. If I configure the LAN interface, I cannot connect to the OPNsense on this interface. Connection via VLAN (which runs on the LAN interface) is possible.
-> bridged mode not tried at this point