Text only | Text with Images

OPNsense Forum

English Forums => General Discussion => Topic started by: terry274 on May 06, 2022, 07:04:56 PM

Title: unknown lan address in statistics
Post by: terry274 on May 06, 2022, 07:04:56 PM
When I view traffic in reporting I see 192.168.6.120 making a connection to Amazon.com among other sites. But, 192.168.6.120 is not listed as a lease in Unbound. So, where is this address assigned from and who is it?

(https://i.ibb.co/fvQbmWW/leases.png) (https://ibb.co/5F2dq33)

(https://i.ibb.co/C50gVmY/sessions.png) (https://ibb.co/d0KFkjV)

(https://i.ibb.co/4VGFR9h/120.png) (https://ibb.co/9rLpHzQ)

Title: Re: unknown lan address in statistics
Post by: EdwinKM on May 06, 2022, 07:32:49 PM
I do not trusted the leases page. Use a system on your network (192.168.6.x) to ping that ip. Or try to eliminate the other devices. I am not sure we can help.
Title: Re: unknown lan address in statistics
Post by: terry274 on May 06, 2022, 07:51:40 PM
Ping results in 100% packet loss. This address may be related to some virtual machines I setup on my Debian linux box. I bridged the ethernet adapter.
I will keep digging.
Title: Re: unknown lan address in statistics
Post by: terry274 on May 06, 2022, 08:02:05 PM
I used a WiFi sniffer on my phone to discover the MAC address, which corresponded to the ip address of an Alexa. But, Alexa is on the IOT network, not the LAN.
Title: Re: unknown lan address in statistics
Post by: styr0 on May 07, 2022, 12:11:40 AM
Are you sure this is your Alexa? Amazon devices are sharing your wifi w/ your neighbors starting almost a year ago. My daughter has a Echo & I was seeing unknown mac addresses on my DD Wrt router. After some research I found this out. Turns out my neighbor bought new Ring doorbells which were using my wifi resources. I blocked them which you'll need to do to keep them off your network. Program is called Amazon Sidewalk.
https://arstechnica.com/gadgets/2021/05/amazon-devices-will-soon-automatically-share-your-internet-with-neighbors/ 
Title: Re: unknown lan address in statistics
Post by: terry274 on May 07, 2022, 02:52:28 PM
My closest neighbor is nearly 1,000 feet away so it's unlikely to be her. I believe when I use the app on my phone it is changing the connection on the Alexa Echo device. I'm not sure how that happens but it's the only thing I can figure out.
I'm going to not use the phone app and see if that stops the mystery connection.
Title: Re: unknown lan address in statistics
Post by: Daladon on December 24, 2022, 12:26:10 AM
Hi all,

I just got the same problem. Unknown IP and it was not listed in the DHCP. Could not ping it etc. I didn't get any info from WireShark. When I switched my Google Nest to my IOT network it was still trying to connect to the old network while the Nest itself got a lease from the OPNsense.

Its always trying to connect to: 18.210.25.50:9543 AmazonAWS.

I suspect its coming from the Alexa integration; https://support.google.com/googlenest/answer/9325080?hl=en
Will do more investigation on this later.

For me this is the reason why every IOT device needs to be in a seperate LAN. Hope this can help others too.

Regards,

Daladon


Text only | Text with Images