OPNsense Forum

Archive => 16.7 Legacy Series => Topic started by: roro on January 23, 2017, 12:32:44 pm

Title: [SOLVED] LAN blocked after UTP disconnect and connect.
Post by: roro on January 23, 2017, 12:32:44 pm
Hello,

I have the following test situation:
Disconnect the LAN UTP from the OPNsense firewall. WAN and OPT1 are still connected.
The connected OPT1 network can reach the internet.

After a day:
Connect the LAN UTP to the OPNsense firewall.
PCs on the LAN network are now blocked by the firewall.

The OPT1 network can still connect to the internet.

Has anyone else had that experience?
Is there a solution besides rebooting the firewall?

Log of blocked traffic from the firewall:
Jan 23 12:05:41    LAN     192.168.20.101:58077     172.16.1.1:53    UDP
Jan 23 12:05:38    LAN     192.168.20.101:58077     172.16.1.1:53    UDP
Jan 23 12:05:37    LAN     192.168.20.101:58077     172.16.1.1:53    UDP
Jan 23 12:05:27    LAN     192.168.20.100:123     144.76.64.40:123    UDP
Jan 23 12:05:25    LAN     192.168.20.100:123     85.236.36.4:123    UDP
Jan 23 12:05:25    LAN     192.168.20.100:123     87.233.197.123:123    UDP

Greetings Roro.

Title: Re: LAN blocked after UTP disconnect and connect.
Post by: roro on January 30, 2017, 03:27:47 pm
Today I disconnected the LAN UTP for 4 hours and again the firewall blocks traffic to DNS, NTP, etc.
When I do a Filter Reload, the PCs can reach the internet again.

Does anyone know a logfile to check?

Title: Re: LAN blocked after UTP disconnect and connect.
Post by: roro on March 10, 2017, 06:25:03 pm
Hi there,
Just an update regarding my issue.
It has to do with the states table and clearing this after a disconnect.
I changed the following settings in firewall:
Kill states -> ON.
Firewall Optimization -> Aggressive (normal behaviour is 24 hours, now 4 hours).
Now I know those states are gone after a WAN disconnect and after 4 hours of no connection.
Greetings.