Text only | Text with Images

OPNsense Forum

International Forums => German - Deutsch => Topic started by: Miniamal on March 08, 2024, 08:54:08 AM

Title: Telnet 443 OK, Ping OK, Tracert OK, via Browser kein Internet n. Update 23.7.10
Post by: Miniamal on March 08, 2024, 08:54:08 AM
Hallo zusammen,

wir haben ein sehr merkwürdiges Verhalten der OPNsense nach dem Update von der Version 23.7.4 auf die 23.7.10 und neuer. Nach dem Update funktioniert alles bis auf der Internetzugriff über einen Webbrowser.
Telnet Port 443 nach Google.de geht, Tracert nach Google.de geht, Ping geht, VPN ist OK usw.. Was nicht mehr funktioniert  ist Aufruf von z.B. google.de über dem Webbrowser. Nach dem Update tauchen Webaufrufe auch nicht mehr im Packet Capture Log auf. Hat jemand eine Idee was zu solch einem Verhalten führen kann?

Anbei das Packet Capture Log nach dem Update:
Wie man sieht ICMP und HTTPS (Port 443) über Telnet auch Port 80 Funktioniert. Was eben nicht auftaucht ist der HTTP Request aus einem Browser
View capture
Interface    Timestamp    SRC    DST    output
WAN
vtnet0   2024-03-07
21:24:16.001352   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 66: (tos 0x2,ECT(0), ttl 127, id 32342, offset 0, flags [DF], proto TCP (6), length 52)
    45.12.51.52.7828 > 142.251.36.195.443: Flags [SEW], cksum 0x35e0 (correct), seq 3933347519, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
WAN
vtnet0   2024-03-07
21:24:16.008815   88:e6:4b:cd:28:00
Juniper Networks
   06:12:76:5f:4b:01   ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 60, id 0, offset 0, flags [DF], proto TCP (6), length 52)
    142.251.36.195.443 > 45.12.51.52.7828: Flags [S.], cksum 0xdc80 (correct), seq 1469250972, ack 3933347520, win 65535, options [mss 1412,nop,nop,sackOK,nop,wscale 8], length 0
WAN
vtnet0   2024-03-07
21:24:16.009866   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 54: (tos 0x0, ttl 127, id 32343, offset 0, flags [DF], proto TCP (6), length 40)
    45.12.51.52.7828 > 142.251.36.195.443: Flags [.], cksum 0x0524 (correct), seq 1, ack 1, win 6144, length 0
WAN
vtnet0   2024-03-07
21:24:26.032933   88:e6:4b:cd:28:00   06:12:76:5f:4b:01   ethertype IPv4 (0x0800), length 54: (tos 0x0, ttl 60, id 36930, offset 0, flags [none], proto TCP (6), length 40)
    142.251.36.195.443 > 45.12.51.52.7828: Flags [F.], cksum 0x1c23 (correct), seq 1, ack 1, win 256, length 0
WAN
vtnet0   2024-03-07
21:24:26.035467   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 54: (tos 0x0, ttl 127, id 32344, offset 0, flags [DF], proto TCP (6), length 40)
    45.12.51.52.7828 > 142.251.36.195.443: Flags [.], cksum 0x0523 (correct), seq 1, ack 2, win 6144, length 0
WAN
vtnet0   2024-03-07
21:24:26.053901   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 54: (tos 0x0, ttl 127, id 32345, offset 0, flags [DF], proto TCP (6), length 40)
    45.12.51.52.7828 > 142.251.36.195.443: Flags [F.], cksum 0x0522 (correct), seq 1, ack 2, win 6144, length 0
WAN
vtnet0   2024-03-07
21:24:26.061464   88:e6:4b:cd:28:00   06:12:76:5f:4b:01   ethertype IPv4 (0x0800), length 54: (tos 0x0, ttl 60, id 0, offset 0, flags [DF], proto TCP (6), length 40)
    142.251.36.195.443 > 45.12.51.52.7828: Flags [.], cksum 0x1c22 (correct), seq 2, ack 2, win 256, length 0
WAN
vtnet0   2024-03-07
21:25:07.756842   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 1, id 32349, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4285, length 72
WAN
vtnet0   2024-03-07
21:25:07.759185   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 1, id 32350, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4286, length 72
WAN
vtnet0   2024-03-07
21:25:07.762421   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 1, id 32351, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4287, length 72
WAN
vtnet0   2024-03-07
21:25:08.840351   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 2, id 32352, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4288, length 72
WAN
vtnet0   2024-03-07
21:25:08.874753   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 2, id 32353, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4289, length 72
WAN
vtnet0   2024-03-07
21:25:08.877801   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 2, id 32354, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4290, length 72
WAN
vtnet0   2024-03-07
21:25:09.903826   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 3, id 32355, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4291, length 72
WAN
vtnet0   2024-03-07
21:25:09.906408   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 3, id 32356, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4292, length 72
WAN
vtnet0   2024-03-07
21:25:09.909382   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 3, id 32357, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4293, length 72
WAN
vtnet0   2024-03-07
21:25:10.920683   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 4, id 32358, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4294, length 72
WAN
vtnet0   2024-03-07
21:25:10.929510   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 4, id 32359, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4295, length 72
WAN
vtnet0   2024-03-07
21:25:10.933374   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 4, id 32360, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4296, length 72
WAN
vtnet0   2024-03-07
21:25:11.977104   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 5, id 32361, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4297, length 72
WAN
vtnet0   2024-03-07
21:25:11.987215   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 5, id 32362, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4298, length 72
WAN
vtnet0   2024-03-07
21:25:12.003358   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 5, id 32363, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4299, length 72
WAN
vtnet0   2024-03-07
21:25:13.041836   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 6, id 32364, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4301, length 72
WAN
vtnet0   2024-03-07
21:25:13.049860   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 6, id 32365, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4302, length 72
WAN
vtnet0   2024-03-07
21:25:13.062798   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 6, id 32366, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4303, length 72
WAN
vtnet0   2024-03-07
21:25:14.162340   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 7, id 32367, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4304, length 72
WAN
vtnet0   2024-03-07
21:25:17.933479   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 7, id 32368, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4306, length 72
WAN
vtnet0   2024-03-07
21:25:21.804072   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 7, id 32369, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4307, length 72
WAN
vtnet0   2024-03-07
21:25:25.811473   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 8, id 32370, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4309, length 72
WAN
vtnet0   2024-03-07
21:25:25.821191   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 8, id 32371, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4310, length 72
WAN
vtnet0   2024-03-07
21:25:25.831022   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 8, id 32372, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4311, length 72
WAN
vtnet0   2024-03-07
21:25:26.927939   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 9, id 32373, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4312, length 72
WAN
vtnet0   2024-03-07
21:25:26.937406   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 9, id 32374, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4313, length 72
WAN
vtnet0   2024-03-07
21:25:26.952398   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 9, id 32375, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4314, length 72
WAN
vtnet0   2024-03-07
21:25:27.976273   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 10, id 32376, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4316, length 72
WAN
vtnet0   2024-03-07
21:25:27.986739   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 10, id 32377, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4317, length 72
WAN
vtnet0   2024-03-07
21:25:28.007159   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 10, id 32378, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4318, length 72
WAN
vtnet0   2024-03-07
21:25:29.047963   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 11, id 32379, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4319, length 72
WAN
vtnet0   2024-03-07
21:25:29.060963   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 11, id 32380, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4320, length 72
WAN
vtnet0   2024-03-07
21:25:29.123146   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 11, id 32381, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4321, length 72
WAN
vtnet0   2024-03-07
21:25:30.144354   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 12, id 32382, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4322, length 72
WAN
vtnet0   2024-03-07
21:25:30.151692   88:e6:4b:cd:28:00   06:12:76:5f:4b:01   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 59, id 0, offset 0, flags [none], proto ICMP (1), length 92)
    142.251.36.195 > 45.12.51.52: ICMP echo reply, id 16769, seq 4322, length 72
WAN
vtnet0   2024-03-07
21:25:30.156718   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 12, id 32383, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4323, length 72
WAN
vtnet0   2024-03-07
21:25:30.164010   88:e6:4b:cd:28:00   06:12:76:5f:4b:01   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 59, id 0, offset 0, flags [none], proto ICMP (1), length 92)
    142.251.36.195 > 45.12.51.52: ICMP echo reply, id 16769, seq 4323, length 72
WAN
vtnet0   2024-03-07
21:25:30.170798   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 12, id 32384, offset 0, flags [none], proto ICMP (1), length 92)
    45.12.51.52 > 142.251.36.195: ICMP echo request, id 16769, seq 4324, length 72
WAN
vtnet0   2024-03-07
21:25:30.178134   88:e6:4b:cd:28:00   06:12:76:5f:4b:01   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 59, id 0, offset 0, flags [none], proto ICMP (1), length 92)
    142.251.36.195 > 45.12.51.52: ICMP echo reply, id 16769, seq 4324, length 72
LAN
vtnet1   2024-03-07
21:24:16.001261   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 66: (tos 0x2,ECT(0), ttl 128, id 32342, offset 0, flags [DF], proto TCP (6), length 52)
    10.10.0.101.52914 > 142.251.36.195.443: Flags [SEW], cksum 0xdb92 (correct), seq 3933347519, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
LAN
vtnet1   2024-03-07
21:24:16.008832   06:12:76:5f:4b:02   02:a1:07:db:b6:02   ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 59, id 0, offset 0, flags [DF], proto TCP (6), length 52)
    142.251.36.195.443 > 10.10.0.101.52914: Flags [S.], cksum 0x8233 (correct), seq 1469250972, ack 3933347520, win 65535, options [mss 1412,nop,nop,sackOK,nop,wscale 8], length 0
LAN
vtnet1   2024-03-07
21:24:16.009850   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 54: (tos 0x0, ttl 128, id 32343, offset 0, flags [DF], proto TCP (6), length 40)
    10.10.0.101.52914 > 142.251.36.195.443: Flags [.], cksum 0xaad6 (correct), seq 1, ack 1, win 6144, length 0
LAN
vtnet1   2024-03-07
21:24:26.032968   06:12:76:5f:4b:02   02:a1:07:db:b6:02   ethertype IPv4 (0x0800), length 54: (tos 0x0, ttl 59, id 36930, offset 0, flags [none], proto TCP (6), length 40)
    142.251.36.195.443 > 10.10.0.101.52914: Flags [F.], cksum 0xc1d5 (correct), seq 1, ack 1, win 256, length 0
LAN
vtnet1   2024-03-07
21:24:26.035442   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 54: (tos 0x0, ttl 128, id 32344, offset 0, flags [DF], proto TCP (6), length 40)
    10.10.0.101.52914 > 142.251.36.195.443: Flags [.], cksum 0xaad5 (correct), seq 1, ack 2, win 6144, length 0
LAN
vtnet1   2024-03-07
21:24:26.053877   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 54: (tos 0x0, ttl 128, id 32345, offset 0, flags [DF], proto TCP (6), length 40)
    10.10.0.101.52914 > 142.251.36.195.443: Flags [F.], cksum 0xaad4 (correct), seq 1, ack 2, win 6144, length 0
LAN
vtnet1   2024-03-07
21:24:26.061487   06:12:76:5f:4b:02   02:a1:07:db:b6:02   ethertype IPv4 (0x0800), length 54: (tos 0x0, ttl 59, id 0, offset 0, flags [DF], proto TCP (6), length 40)
    142.251.36.195.443 > 10.10.0.101.52914: Flags [.], cksum 0xc1d4 (correct), seq 2, ack 2, win 256, length 0
LAN
vtnet1   2024-03-07
21:25:02.228915   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 1, id 32346, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4281, length 72
LAN
vtnet1   2024-03-07
21:25:02.233002   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 1, id 32347, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4282, length 72
LAN
vtnet1   2024-03-07
21:25:02.238471   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 1, id 32348, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4283, length 72
LAN
vtnet1   2024-03-07
21:25:07.756776   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 2, id 32349, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4285, length 72
LAN
vtnet1   2024-03-07
21:25:07.759161   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 2, id 32350, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4286, length 72
LAN
vtnet1   2024-03-07
21:25:07.762392   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 2, id 32351, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4287, length 72
LAN
vtnet1   2024-03-07
21:25:08.840307   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 3, id 32352, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4288, length 72
LAN
vtnet1   2024-03-07
21:25:08.874697   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 3, id 32353, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4289, length 72
LAN
vtnet1   2024-03-07
21:25:08.877786   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 3, id 32354, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4290, length 72
LAN
vtnet1   2024-03-07
21:25:09.903762   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 4, id 32355, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4291, length 72
LAN
vtnet1   2024-03-07
21:25:09.906391   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 4, id 32356, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4292, length 72
LAN
vtnet1   2024-03-07
21:25:09.909365   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 4, id 32357, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4293, length 72
LAN
vtnet1   2024-03-07
21:25:10.920646   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 5, id 32358, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4294, length 72
LAN
vtnet1   2024-03-07
21:25:10.929467   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 5, id 32359, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4295, length 72
LAN
vtnet1   2024-03-07
21:25:10.933332   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 5, id 32360, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4296, length 72
LAN
vtnet1   2024-03-07
21:25:11.977058   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 6, id 32361, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4297, length 72
LAN
vtnet1   2024-03-07
21:25:11.987171   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 6, id 32362, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4298, length 72
LAN
vtnet1   2024-03-07
21:25:12.003315   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 6, id 32363, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4299, length 72
LAN
vtnet1   2024-03-07
21:25:13.041809   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 7, id 32364, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4301, length 72
LAN
vtnet1   2024-03-07
21:25:13.049830   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 7, id 32365, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4302, length 72
LAN
vtnet1   2024-03-07
21:25:13.062759   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 7, id 32366, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4303, length 72
LAN
vtnet1   2024-03-07
21:25:14.162295   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 8, id 32367, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4304, length 72
LAN
vtnet1   2024-03-07
21:25:17.933428   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 8, id 32368, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4306, length 72
LAN
vtnet1   2024-03-07
21:25:21.804037   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 8, id 32369, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4307, length 72
LAN
vtnet1   2024-03-07
21:25:25.811428   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 9, id 32370, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4309, length 72
LAN
vtnet1   2024-03-07
21:25:25.821173   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 9, id 32371, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4310, length 72
LAN
vtnet1   2024-03-07
21:25:25.830992   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 9, id 32372, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4311, length 72
LAN
vtnet1   2024-03-07
21:25:26.927879   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 10, id 32373, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4312, length 72
LAN
vtnet1   2024-03-07
21:25:26.937389   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 10, id 32374, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4313, length 72
LAN
vtnet1   2024-03-07
21:25:26.952362   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 10, id 32375, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4314, length 72
LAN
vtnet1   2024-03-07
21:25:27.976237   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 11, id 32376, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4316, length 72
LAN
vtnet1   2024-03-07
21:25:27.986700   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 11, id 32377, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4317, length 72
LAN
vtnet1   2024-03-07
21:25:28.007117   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 11, id 32378, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4318, length 72
LAN
vtnet1   2024-03-07
21:25:29.047911   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 12, id 32379, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4319, length 72
LAN
vtnet1   2024-03-07
21:25:29.060921   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 12, id 32380, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4320, length 72
LAN
vtnet1   2024-03-07
21:25:29.123130   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 12, id 32381, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4321, length 72
LAN
vtnet1   2024-03-07
21:25:30.144320   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 13, id 32382, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4322, length 72
LAN
vtnet1   2024-03-07
21:25:30.151724   06:12:76:5f:4b:02   02:a1:07:db:b6:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 58, id 0, offset 0, flags [none], proto ICMP (1), length 92)
    142.251.36.195 > 10.10.0.101: ICMP echo reply, id 12, seq 4322, length 72
LAN
vtnet1   2024-03-07
21:25:30.156680   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 13, id 32383, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4323, length 72
LAN
vtnet1   2024-03-07
21:25:30.164028   06:12:76:5f:4b:02   02:a1:07:db:b6:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 58, id 0, offset 0, flags [none], proto ICMP (1), length 92)
    142.251.36.195 > 10.10.0.101: ICMP echo reply, id 12, seq 4323, length 72
LAN
vtnet1   2024-03-07
21:25:30.170782   02:a1:07:db:b6:02   06:12:76:5f:4b:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 13, id 32384, offset 0, flags [none], proto ICMP (1), length 92)
    10.10.0.101 > 142.251.36.195: ICMP echo request, id 12, seq 4324, length 72
LAN
vtnet1   2024-03-07
21:25:30.178158   06:12:76:5f:4b:02   02:a1:07:db:b6:02   ethertype IPv4 (0x0800), length 106: (tos 0x0, ttl 58, id 0, offset 0, flags [none], proto ICMP (1), length 92)
    142.251.36.195 > 10.10.0.101: ICMP echo reply, id 12, seq 4324, length 72


Folgendes würde ich erwarten:
WAN
vtnet0   2024-03-08
08:52:05.076570   06:12:76:5f:4b:01   00:00:5e:00:01:bc   ethertype IPv4 (0x0800), length 527: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 513)
    45.12.51.52.43145 > 142.251.36.163.80: Flags [P.], cksum 0xbc2a (correct), seq 1:462, ack 1, win 519, options [nop,nop,TS val 2621732405 ecr 1471548688], length 461: HTTP, length: 461
   GET / HTTP/1.1
   User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0
   Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
   Accept-Language: de,en-US;q=0.7,en;q=0.3
   Accept-Encoding: gzip, deflate
   Upgrade-Insecure-Requests: 1
   Host: 142.251.36.163
   Via: 1.1 OPNsense.localdomain (squid/5.9)
   X-Forwarded-For: 10.10.0.101
   Cache-Control: max-age=259200
   Connection: keep-alive
   
WAN
vtnet0   2024-03-08
08:52:05.083776   88:e6:4b:cd:28:00   06:12:76:5f:4b:01   ethertype IPv4 (0x0800), length 66: (tos 0x0, ttl 60, id 41400, offset 0, flags [none], proto TCP (6), length 52)
    142.251.36.163.80 > 45.12.51.52.43145: Flags [.], cksum 0x47c1 (correct), seq 1, ack 462, win 261, options [nop,nop,TS val 1471548696 ecr 2621732405], length 0
WAN
vtnet0   2024-03-08
08:52:05.100915   88:e6:4b:cd:28:00   06:12:76:5f:4b:01   ethertype IPv4 (0x0800), length 1031: (tos 0x0, ttl 60, id 41401, offset 0, flags [none], proto TCP (6), length 1017)
    142.251.36.163.80 > 45.12.51.52.43145: Flags [P.], cksum 0xd865 (correct), seq 1:966, ack 462, win 261, options [nop,nop,TS val 1471548713 ecr 2621732405], length 965: HTTP, length: 965
   HTTP/1.1 301 Moved Permanently
   Location: http://www.google.com/
   Content-Type: text/html; charset=UTF-8
   Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-5l6ag507uRGlGNm_FeN_8A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
   Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
   Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
   Date: Fri, 08 Mar 2024 07:52:05 GMT
   Expires: Sun, 07 Apr 2024 07:52:05 GMT
   Cache-Control: public, max-age=2592000
   Server: gws
   Content-Length: 219
   X-XSS-Protection: 0
   X-Frame-Options: SAMEORIGIN
   
   <HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
   <TITLE>301 Moved</TITLE></HEAD><BODY>
   <H1>301 Moved</H1>
   The document has moved
   <A HREF="http://www.google.com/">here</A>.
   </BODY></HTML>
Title: Re: Telnet 443 OK, Ping OK, Tracert OK, via Browser kein Internet n. Update 23.7.10
Post by: Saarbremer on March 08, 2024, 09:26:27 AM
Wenn vom Browser kein Traffic im Capture auftaucht, dann
a) nutzt der Browser das falsche Gateway (wenn überhaupt eine Auswahl besteht)
b) ist die Namensauflösung vom Browser defekt
c) funktioniert der Browser nicht
d) nutzt der Browser einen Proxy Server
e) nutzt der Browser einen VPN Dienst
f) filterst du falsch

Dass OPNSense den Traffic nicht mehr captured halte ich für am wenigsten wahrscheinlich.

Betreibst du einen SOCKS-Proxy?
hast du mal alle Browser-internen VPN und Proxy und DNS-over-bla ausgeschaltet?

Title: Re: Telnet 443 OK, Ping OK, Tracert OK, via Browser kein Internet n. Update 23.7.10
Post by: Saarbremer on March 08, 2024, 09:27:44 AM
Achso: Und von welchem IF ist das Capture? Wenn es WAN war, dann besteht auch die Chance, dass der Traffic vorher gesperrt wurde. Also schau auch nochmal im Firewall Livelog ob irgendwas blockiert wurde und wenn ja warum.
Title: Re: Telnet 443 OK, Ping OK, Tracert OK, via Browser kein Internet n. Update 23.7.10
Post by: Miniamal on March 08, 2024, 09:49:57 AM
Es wurden beide Interfaces LAN und WAN aufgezeichnet.
Und wie du sehen kannst Filter ich nicht falsch einmal ein Capture nach dem Update und einmal nach dem Rollback selber Filter bei einem taucht der Zugriff über den Browser auf beim dem nach dem Update nicht.

A) Nein das Gateway ist die Opensense
B) nein der Name wird sauber aufgelöst aber es wurde auch mit der öffentlichen IP Getestet
C) Alle 3 Firefox / Edge / Chrome Zugriff auf interne Ressourcen funktioniert und vor dem Update wie nach dem Rollback funktioniert der Zugriff auf z.B. Google.de nur nach dem Update nicht! Also nein der Browser ist nicht das Problem
D) Nein
E) Nein

Telnet 443 nach google.de wird aufgezeichnet, Ping auch, Tracert, nur der Zugriff über den Browsern nicht. Selbes Gateway wie bei Telnet und Tracert egal ob Name oder IP Adresse. Und eben nur nach dem Update, vor dem Update und dem Rollback wird dies aufgezeichnet s. unten. Es wurde auch im Browser nichts geändert die einzige Komponente die angepasst wurde ist die OPNSense.
Deswegen schrieb ich ja ein merkwürdiges Verhalten
Title: Re: Telnet 443 OK, Ping OK, Tracert OK, via Browser kein Internet n. Update 23.7.10
Post by: Miniamal on March 08, 2024, 09:53:11 AM
Die Firewall blockiert den Traffic auch nicht. Wir haben diese Testweise deaktiviert keine Änderung.
Title: Re: Telnet 443 OK, Ping OK, Tracert OK, via Browser kein Internet n. Update 23.7.10
Post by: Saarbremer on March 08, 2024, 09:56:11 AM
Du hast nicht zufällig Zenarmour, Snort, Suricata, oder irgendwas anderes in der Richtung am laufen?

Außerdem: Was ist mit IPv6?
Title: Re: Telnet 443 OK, Ping OK, Tracert OK, via Browser kein Internet n. Update 23.7.10
Post by: Miniamal on March 08, 2024, 10:23:19 AM
Suricata war auch eine unserer  Vermutungen, haben wir  aber nicht im Einsatz. Vermutung war das es sich mit dem update eingeschaltet hat dem war leider nicht so. Zenarmour und Snort haben wir auch nicht im Einsatz. Wir hatten ein nicht korrekt geladenes Dyn-DNS Plugin welches wir raus geschmissen haben.

Leider handelt es sich um eine Kunden-FW welche nun wieder auf dem Stand vor dem Update ist. Ich kann nur außerhalb der Geschäftszeiten den Stand nach dem Update reproduzieren.
Title: Re: Telnet 443 OK, Ping OK, Tracert OK, via Browser kein Internet n. Update 23.7.10
Post by: Saarbremer on March 08, 2024, 10:54:41 AM
Viel Erfolg.
Title: Re: Telnet 443 OK, Ping OK, Tracert OK, via Browser kein Internet n. Update 23.7.10
Post by: Miniamal on March 08, 2024, 11:06:22 AM
Danke. Ich hatte aber gehofft vllt. noch ein Paar Ideen zu bekommen. Denn ich bin tatsächlich etwas ratlos was es noch sein könnte.
Title: Re: Telnet 443 OK, Ping OK, Tracert OK, via Browser kein Internet n. Update 23.7.10
Post by: gergap on March 08, 2024, 09:29:17 PM
Hallo,

wenn telnet auf 443 mit dem selben Rechner geht aber der Browser nicht,
dann würde ich vermuten telnet nimmt IPv4 und der Browser IPv6.
Oder du hast im Browser irgendeinen Proxy konfiguriert.

Am einfachsten nimmst du mal Wireshark und schaust was der Browser macht.
Auch mal mit IP testen. Manche Browser haben neuerdings so ein Feature, dass sie DNS über HTTPs machen,
damit es auch "gaaanz sicher" ist :-) D.h. die Namensauflösung wird vielleicht durch die FW geblockt.
Die schicken dann alle DNS Anfragen an so einen "trusted partner". Böse Zungen behaupten, damit deine Anfragen dann besser zentral geloggt werden können ;-)
Jedenfalls könnte dieser bei dir in einer Sperrliste stehen.
Das Verhalten kann jedenfalls anders sein als mit nslookup, oder was die Konsolen Tools wie telnet und co so machen, wo ja normales DNS verwendet wird.
Text only | Text with Images