Messages - Petrester

#1
I will update OPNSense and try again to see if it is fixed in this version.
I can't believe it's giving TCP failures when doing NMAP if the IP doesn't exist.

Regards!
#2
Is there no way to set the flag when running nmap? Maybe it is the proxmox LXC configuration?

It is strange because when I launch this same thing from the other proxmox cluster where the OPNSense is, it works correctly.
#3
Quote from: Seimus on January 29, 2025, 03:32:37 PM
Also the later pic you posted has a different source IP than the one in your 1st post.

Are you sure you posted the correct packet?

Regards,
S.

Yes, it is another IP because it is inside the proxmox and I took another LXC. But it's really the same problem.

It is curious that when nmap is performed it only fails with IPs that do not exist.
Can you think of a solution?
#4
Quote from: viragomann on January 29, 2025, 10:32:34 AM
Your screenshot above shows solely TCP packets. Any TCP packet must have a certain flag (tcpflags)!
That's the way TCP works.
https://en.wikipedia.org/wiki/Transmission_Control_Protocol

Thanks for commenting.

I have added a screenshot of the detailed firewall information.
There is no flag in the TCP protocol. What can this be due to?

From that IP the following command is being executed: nmap -SN 10.0.10.0/24.

Thanks!
#5
Quote from: viragomann on January 28, 2025, 09:20:19 PM
As the log says, it might be a state violation, since you have allow any already.
Click on the info button at the right to verify the TCP flag. Presumably it's not a SYN, so it's possibly asymmetric routing.

The probable reason for this is an L2 leak in VLAN to another subnet.


I checked what you said and the TCP Flag = none.
#6
Hello everyone,

I need some help. I have been trying to solve this problem for 1 week but I can't find a solution.

I have an OPNSense installation on a Proxmox VM of a mini PC.
I also have a raspy with proxmox. Here I have an LXC with NetAlertx so I can detect all the IPs used on my network and that is where I have the problem.

When I run nmap it detects all the IPs used but all those that are not found (do not exist) appear as default deny in the firewall. As Falcon vlan rules I have an any to any to all networks.


Thanks a lot!