
Topics - verlenord

#1
Hello

I need your help :-)
First, I'd like to point out that I'm a beginner and that I was able to set up my setup thanks to the various tutorials on the internet. Please forgive me for using terms that may be incorrect or imprecise when defining certain things. I'm a fast learner, but I still have a lot of gaps ...

I have installed and configured Caddy as described in the documentation, and it works perfectly well in general.

However, for some time now, I've been having problems with certain domains that I've configured to be accessible only by local IPs (access list). At first, everything worked fine, then, after a while, ~1 month, I couldn't access them, as my IP address was no longer considered local. My laptop is configured with a fixed IP and when I change it, I can access the protected URL again. This problem also arises with VPN IP addresses.

I have CrowdSec, Suricata and Zenarmor installed and configured on the router. My first thought was that somehow my IP was banned somewhere, but I couldn't find any trace in the aliases. I've also deactivated all 3 without success.

When I come back to an old fixed IP after some time, it works again for a while, before being blocked again. I confess I don't know where to look.

Here's my access list setting:

192.168.10.0/24
10.10.10.0/24
192.168.0.0/24
192.168.30.0/24
192.168.20.0/24

Any help would be very much appreciated
Thanks
#2
Hello,

I need your help :-)
First, I'd like to point out that I'm a beginner and that I was able to set up my setup thanks to the various tutorials on the internet. Please forgive me for using terms that may be incorrect or imprecise when defining certain things. I'm a fast learner, but I still have a lot of gaps ...

For about 10 days now, I've been unable to access the various internal services on my NAS (SMB, SSH, etc.). I can't pinpoint the exact change that led to this problem, but I'm guessing it's been happening since the latest OPNsense 25.1.5 upgrade.
All services exposed via reverse proxy are accessible without problems, but I can no longer mount shared volumes locally or connect via ssh on my NAS when I'm on the current VLAN.

I have 4 VLANs in my network. The main NAS (Synology DS920+), another NAS and a Raspberry are on the DMZ VLAN. All other laptop-type devices are on a USER VLAN, and the various firewall rules for accessing devices in the DMZ VLAN have always worked well so far. I can still access the other NAS and the Raspberry via SSH without any problems.

I've turned the problems upside down, suspected lag, the switch, the settings on the Synology, I can't get anywhere. I can access without problems when I'm connected to the LAN for testing, but not from the VLAN. Surprisingly, I can also connect to the NAS using SSH or SMB when I'm on the WireGuard VPN (I have a firewall rule that allows this).

Anyway, if anyone could help me find the problem with methodology, I'd be infinitely grateful :-)