Messages - Sangito

#1
What helped me to find the problem was when someone told me about the firewall module.
A good way to check if your firewall is involved is to deactivate it with command lines like
pfctl -d
to disable it and
pfctl -e
to enable it back.

The problem with the firewall modules is that they do not leave a trace of their packet dropping; that's why it's so hard to find.
#2
OK, I figured out what my problem was.
It looks like I activated the anti-DDoS, and since it plays with the TCP SYN it could have played with the TCP window.
That explains why some requests were blocked.
I disabled the feature and bam, everything works again.
Thanks for the support, guys.
#3
OK, I'll do a new test.
I did a backup of my current setting.
I made a factory reset of my router.
I redid the minimum configuration to make my router work (VLAN and DHCP) and bam, Facebook works again.

So, I saved this "clean" setup as a backup and tried to find out which part of the configuration of my router failed.
First I loaded the "system" backup; everything works.
Second, I loaded the "OPNsense additional" and lost connectivity to Facebook.
I reloaded the clean backup; Facebook works again.
I loaded the "OPNsense additional" and Facebook works.
I loaded the system backup and lost Facebook.

Right now I'm looking through the backed-up config to find which setting could cause errors.
Most of the config is certificates of my router and user and password.
There is also the plugin configuration; I think it is the most suspect config, but stopping all my services has not solved my problem.
Does anybody have any idea?
#4
By inspecting the capture of the working request, I found that between the WAN interface and the LAN there is an additional packet, the "TCP Window Update".
It's the packet missing in the failed request.
I think this is the beginning of a debug trail.
Does someone know what the role of the router is in dealing with "TCP Window Update" packets?
#5
Quote from: Janssuhhh on March 24, 2022, 03:36:38 PM
Same problem here, but with different sites..
Facebook and Google work.

But for example the opnsense pages won't load.

What I've also noticed is doing Speedtest (through their app) will give a Ping and great upload, however the download test fails entirely.

How can you do the speedtest with their app?
Which app?
Can you provide a failed request like mine?
What does the live firewall say about your failed request?
#6
Here is a request from a much simpler website working well.
You can see the em0 interface being more verbose...
Could it be linked to the NAT interface?
#7
I made two captures of a request to Facebook.
It looks like the ACK from my local network doesn't seem to reach the Facebook destination.
If a stateless firewall drops the ACK TCP flag, how is the acknowledgement supposed to be made between my computer and the website?
#8
I started by having an issue with Facebook, as I said here:
https://forum.opnsense.org/index.php?topic=26505.msg133204#msg133204
Now it has expanded to some streaming services and some web APIs.
I checked the firewall rules to see if this traffic got some hits, but only packets with the "A" TCP flag got rejected, and it has been explained to me that this is normal behaviour on a stateful firewall.
It also occurs that it is having some internet connectivity issues.
So I am looking for some hints to start debugging this behaviour.
So far, if I can make it work again, I will have to switch to my ISP router :'(
Does anybody have an idea of where I should start?

Thanks
#9
It seems to work again when I use a VPN to bypass the router, so it seems clear there is something fishy here.
I keep investigating, but a hand would be welcome.
#10
Start by checking the status of the router interface.
Does it ping on the internet?
Does it ping a device on your network?
Does it have an IP address on both interfaces?
Since you said it is an L2 switch, what is your control interface with the switch?
#11
I am somehow having the same issue since the last update of OPNsense (21.7.7 to 22.1.2).
No blocking rule.
Same problem on all my VLANs.
I got many firewall hits on Facebook API communication being blocked, but only for packets with flag "A".
According to this post: https://forum.opnsense.org/index.php?topic=20219.0
It is supposed to be normal, but it is the only anomaly I found on my router related to Facebook.
Does someone have any idea on how to desnap this?

Thanks
#12
Is your switch managed?
#13
21.1 Legacy Series / Re: [SOLVE]Random drop request
April 29, 2021, 03:13:59 AM
I figured out that my server was on both VLANs and did not respond on the right one.
I just isolated the service on the right VLAN and everything works fine now.
#14
French - Français / Re: Random request drop
April 29, 2021, 03:10:41 AM
Hello, it seems that my problem was the server itself, which was responding on the wrong VLAN.
After isolating it on the right VLAN, everything went back to normal.
#15
21.1 Legacy Series / [SOLVE]Random drop request
April 23, 2021, 08:40:35 PM
Hi community,
I got this strange problem: I made a port forwarding from my WAN to my LAN to be able to access some services, but it works one time out of two.
The DNS resolution gives the right IP address.
The nmap port scan found all ports closed.

Does somebody have an idea what is going on?