
Topics - supercm

1
23.7 Legacy Series / Issue with traffic traversing from one vlan to another
« on: January 25, 2024, 08:26:35 pm »
I have several VLANs on my network. I am trying to get traffic to traverse from the LAN to a network I have labeled Server. The firewall logs show that the traffic makes it through, yet it is not making it through as I cannot reach the resources. I have a rule in the firewall set up to allow all traffic from LAN to Server. I do not have this same problem with a different VLAN called Kids. It has the same rule and is able to traverse.

What am I missing?

2
22.7 Legacy Series / DNS Suffix Issue
« on: November 17, 2022, 08:36:03 pm »
Is there a way to get the DHCP server to stop handing out my local DNS Suffix? I do not have it set so I assume it's inherited, but there is an application that I cannot use on my network because it's appending the local DNS Suffix.

3
22.1 Legacy Series / Gateway Monitoring
« on: February 08, 2022, 01:24:02 am »
When I have gateway monitoring on, I get random alerts that an interface is down. However, it is not actually down (from what I can tell). What can I investigate to get to the bottom of this?

4
21.7 Legacy Series / Upnp only working intermittently
« on: January 08, 2022, 05:31:39 pm »
We have 3 Xboxes on a dedicated VLAN and set up UPnP. After setup, everything was rebooted. It was not working and I gave up on the setup. Then after months, I received an alert that one of the devices set up a UPnP port. That was last night. Any pointers here, as I'm unsure what to do next?

5
21.7 Legacy Series / [Solved] Deny unknown clients is not working
« on: December 30, 2021, 05:42:03 pm »
I have several VLANs that are set to deny unknown clients but I am able to connect with clients that are supposed to be available on other VLANs only. Running 21.7.7. Known issue?

Looks like this is by design.

6
21.7 Legacy Series / All traffic in firewall logs from WAN interface
« on: December 19, 2021, 05:13:50 am »
As I am viewing the firewall logs, almost all of the traffic shows that it originates from the WAN interface as opposed to the actual internal interface that it originates from. I think this is causing me other problems (multi-WAN doesn't work, can't use UPnP, etc.). Did I do something funky that would have caused this? None of my firewall rules seem to be used either, as they all default to the "let out anything" rule.

Thanks

7
21.7 Legacy Series / Help with load balancing
« on: December 16, 2021, 12:27:09 am »
Can someone point me to working instructions to load balance multiple WAN connections? My implementation seems to just randomly choose which connection to use.

8
High availability / Problem with the failover process when a single interface fails
« on: December 10, 2021, 05:09:34 pm »
Hopefully this is just a newbie error, as it doesn't seem like I'm doing it right.

I set up CARP with my LAN connection (and each of my VLAN connections) as well as my 3 WAN connections.

Everything syncs and the status looks right.

If I remove a connection from one machine, it drops 1 ping and then transitions to the other machine and resumes pinging. The problem is that some of the VIPs are sitting on each node and services don't work, so I can't actually do DNS lookups, for example. I have the checkbox for disable preempt off on both nodes and set up the outbound NAT rules as well. Is there something else that I am missing?

9
21.7 Legacy Series / Unbound Issues
« on: December 09, 2021, 04:30:33 pm »
I have a new installation and am finding that DNS stops working randomly, and I could use some advice on where to go to troubleshoot.

Unbound was serving up requests last night and this morning I was seeing DNS errors in a browser. So I went into diagnostics to perform a DNS lookup and it shows failed to 127.0.0.1 but the other external DNS servers (set up in the General section) resolve. A restart of Unbound resolves the issue.

These are the logs (I didn't cut anything out) from the point they last wrote until when I kicked off the restart:

2021-12-09T06:21:22   unbound[87125]   [87125:0] info: service stopped (unbound 1.13.2).   
2021-12-08T21:39:19   unbound[87125]   [87125:0] info: generate keytag query _ta-4f66. NULL IN   
2021-12-08T14:39:41   unbound[87125]   [87125:1] info: generate keytag query _ta-4f66. NULL IN   
2021-12-08T14:39:41   unbound[87125]   [87125:0] info: generate keytag query _ta-4f66. NULL IN   
2021-12-08T14:39:41   unbound[87125]   [87125:0] info: start of service (unbound 1.13.2).

While I want to get to the root of the issue and could use pointers to further troubleshoot as I'm stuck, I could also use some pointers on how to detect and automatically remediate in the short term.

Thank you.

10
21.7 Legacy Series / Gateway routing with Multiple WAN connections is not working. (Solved)
« on: December 08, 2021, 11:58:36 pm »
I am trying to manage our multiple WAN connections by ordering them in a Gateway group (ordered by Tier). I have a rule set as the first in my firewall (testing of course) to allow anything using that group for its gateway but the selected connection is tier 2 (instead of Tier 1). I opened the Firewall Live logs and filtered by source address of the device and I see no traffic.

What am I doing wrong?

Solved

Deleted the existing rules and recreated them, and it is now working.

11
21.7 Legacy Series / VLAN creation issue
« on: December 08, 2021, 07:45:01 pm »
I have a new installation and DHCP works fine on the LAN interface.

I created a new VLAN, assigned it, enabled the interface, assigned an IP, set up a DHCP scope and enabled it. Created a temporary allow all rule in the firewall to test. When I move a device to the new VLAN, the DHCP request (in the log) tries to be served by the LAN address.

So I assigned a static address and tried to ping the gateway and can't ping. Where do I look to troubleshoot?

For context, this is a Hyper-V VM, and I have another firewall as a VM (from another vendor) that I am migrating from, with the same settings on the same switch and the same Hyper-V settings, and it works over there, so I can say the switch and the Hyper-V network are not the issue.

Thank you
