OPNsense Forum

Archive => 20.7 Legacy Series => Topic started by: ark on October 24, 2020, 06:21:43 am

Title: Some ip address / host are blocked suddenly on 20.7.3 (and 20.7.4)
Post by: ark on October 24, 2020, 06:21:43 am
Yesterday, when I tried to connect to several game client platforms, I got a "cannot connect" error or similar. Some, like the Steam client, can connect after several retries, but most stay unable to connect.

So I tried to resolve some of the domains / IP addresses for the server; oddly enough, it says it cannot resolve the hostname. My DNS / DHCP servers are on another VM (Unbound pointed to the root DNS servers, with Pi-hole as DHCP and filtering), so the first culprit is the DNS server...

However, I tried switching my router / gateway to another VM, this time using OpenWRT (I have both OpenWRT and OPNsense on VMs, both using the same IP address, so the two VMs never run simultaneously), and all the game clients work perfectly without a restart. When switching back to OPNsense, the problem appeared again. I've used OPNsense for months (switching back and forth with OpenWRT for testing) and this problem has only occurred since yesterday.

I tried looking at the firewall log (live view); it seems normal, except that some IP addresses got a red "Default deny rule" with port 443. Are there any hints as to which logs I should look at to find the culprit?

My OPNsense build is pretty basic, no IPS or anything, only:
- FQ Codel Shaper in pipe, queue, and rules for both upstream and downstream.
- Dynamic State Reset active in advanced settings (my ISP changes my private WAN address, even to a different subnet, so I got connection problems every weekend. The router itself is connected to the ISP modem in bridged mode. Even after checking that option, the problem still persisted).
- Block Private Networks is unchecked (my WAN IP address is still a private IP address).
- GeoIP address set (no aliases or rule set though, and the problem had already occurred before I set this up).

Edit: I also noticed that when downloading files from some websites, Chrome throws errors like: <filename> can't be downloaded securely, with the option to <Discard> or <Keep>. It didn't behave like this previously.

Title: Re: Some ip address / host are blocked suddenly on 20.7.3 (and 20.7.4)
Post by: ark on October 26, 2020, 12:07:44 am
After hours of tweaking, I finally tried a clean reinstall of OPNsense, configuring it just like the previous system... and it works normally again.
I don't know what caused OPNsense on the previous system to fail to resolve some of the hostnames, but for now I'll just take a snapshot of the latest working program and monitor for any weird changes over the next few days.

Title: Re: Some ip address / host are blocked suddenly on 20.7.3 (and 20.7.4)
Post by: MartB on October 26, 2020, 02:59:15 am
I'm also having weird issues where my gateway seemingly becomes unreachable randomly and recovers by itself after a random amount of time.
This started after upgrading to 20.7.4; maybe there's an underlying issue with the netmap changes somewhere?