Messages

1

22.1 Legacy Series / Re: Lost connectivity to some internet service (SOLVED)

« on: April 11, 2022, 03:56:18 pm »

What Help me to find the problem is when someone tells me about the firewall module.
I good way to check if you firewall is implied in you is to deactivate it with command lines like
pfctl -d
To disable and
pfctl -e
to enable it back.

The problem with the firewall module is they do not make trace of their packet dropping that why it's so hard to find.

2

22.1 Legacy Series / Re: Lost connectivity to some internet service

« on: April 10, 2022, 11:18:02 pm »

OK, I figured out what was my problem.
It looks like I activate the anti-DDOS and since it plays with the TCP SYN it could have played with the TCP windows.
That explains why some request where block.
I disable the feature and bam everything works back again
Thanks for the support guy.

3

22.1 Legacy Series / Re: Lost connectivity to some internet service

« on: March 30, 2022, 10:06:28 pm »

OK, I'll do a new test.
I did a backup of my current setting.
I I made a factory reset of my router.
I redo the minimum configuration to make my router work (vlan and dhcp) and bam Facebook work again.

Soo, I save this "clean" setup as a backup and try to find out which part of the configuration of my router failed.
I first load "system" backup, everything works.
I second load the "OPNsense additional" and lost connectivity to Facebook.
I reload the clean backup, Facebook works again.
I load the "OPNsense additional" and Facebook work.
I load the system back up and lose Facebook.

Right now I'm looking for the backuped config to find which setting could cause errors.
Most of the config are certificates of my router and user and password.
There is also the plugging configuration i think there is the most suspect config, but stop all my service have not solved my problem.
Anybody have any idea ?

4

22.1 Legacy Series / Re: Lost connectivity to some internet service

« on: March 26, 2022, 02:40:00 am »

By inspecting the capture of the working request, I found that between the WAN interface and the LAN there is an additional packet the "TCP WINDOWS UPDATE"
It's the packet missing in the failed request.
I think this is the beginning of a debug trail.
Is someone knowing what is the role of the router in dealing "TCP windows update"  packet?

5

22.1 Legacy Series / Re: Lost connectivity to some internet service

« on: March 25, 2022, 03:05:29 pm »

Same problem here, but with different sites..
Facebook and Google work.

But for example the opnsense pages won't load.

What I've also noticed is doing Speedtest (through their app) will give a Ping and great upload, however the download test fails entirely.

How can you do the speedtest with their app?
Which app?
Can you provide a failed request like mine ?
What does the live firewall said about you failed request ?

6

22.1 Legacy Series / Re: Lost connectivity to some internet service

« on: March 24, 2022, 03:38:04 pm »

Here a request from a much simpler web site working well.
You can see the em0 interface been more verbose...
Could it be linked to the NAT interface ?

7

22.1 Legacy Series / Re: Lost connectivity to some internet service

« on: March 24, 2022, 03:21:42 pm »

I made two captures of a request to Facebook.
It looks like the ack from my locale network doesn’t seem to reach the Facebook destination.
If a stateless firewall drop ack TCP flag how am I supposed to acknowledge is made between my computer and the web site?

8

22.1 Legacy Series / Lost connectivity to some internet service (SOLVED)

« on: March 24, 2022, 02:47:21 pm »

I start by having an issue with Facebook as I said here:
https://forum.opnsense.org/index.php?topic=26505.msg133204#msg133204
Now it expands to some streaming service and some web API.
I check the firewall rule to see if this traffic got some hit, but only packet with. A tcpflag got reject and I have been explaining that a normal behaviour on state full firewall.
It, also occurs that is having some internet connectivity issue.
So I am looking for some hint to start to debug this behaviour.
Soo far if I can  make it work again, I will have to switch to my ISP router 
Is anybody having an idea to where i should start?

Thanks

9

General Discussion / Re: facebook app on android phone login issue

« on: March 12, 2022, 06:51:54 pm »

It seem to work back when i use a vpn to by pass the router, soo it seem clear theire are something fishy here.
Keep investigate, but a hand would be welcome.

10

22.1 Legacy Series / Re: Opnsense connectivity /switch power issue

« on: March 12, 2022, 06:48:43 pm »

Start by checking the status of the router interface.
Does it ping on the internet ?
Does it ping a device on youe network?
Does it have an ip adress on bolt interface?
Since you said it a L2 switch what are your control interface with the switch?

11

General Discussion / Re: facebook app on android phone login issue

« on: March 12, 2022, 05:30:56 am »

I some how having the same issue since the last update of OPNsense (21.7.7 to 22.1.2)
No blocking rule.
Same probleme on all my vlan.
i got many firewall hit on facebook API comm been block, but only for packet with flag "A".
According to this post : https://forum.opnsense.org/index.php?topic=20219.0
It suppose to be normal, but is the only anomally i found on my router related on facebook.
Is someone have any ideal  on how to desnap this?

Thanks

12

22.1 Legacy Series / Re: Opnsense connectivity /switch power issue

« on: March 12, 2022, 05:14:55 am »

is your switch is managed ?

13

21.1 Legacy Series / Re: [SOLVE]Random drop request

« on: April 29, 2021, 03:13:59 am »

I figured out that my server vas on bolt vlan and do not respond on the write one.
I just isolate the service ont the right vlan and everything work fine now.

14

French - Français / Re: Drop aleatoire de requeste

« on: April 29, 2021, 03:10:41 am »

Bonjour, il semblerait que mon problème soit le serveur lui-meme qui répondait sur le mauvais vlan.
apres l'avoir isolé sur le bon vlan toute est rentré dans l'ordre.

15

21.1 Legacy Series / [SOLVE]Random drop request

« on: April 23, 2021, 08:40:35 pm »

Hi communauty,
I got this stange problem, I mande a port forwarding from my WAN to my LAN to be able to acces some service, but it work one time of two.
The DNS resolution give the write ip address.
The nmap port scanning found all port close.

Is some body have an idée what going on ?