Author Topic: Policies don't match Source IP (Read 3558 times)

Georges · « **on:** November 25, 2020, 04:08:28 pm »

Hello,

I'm on sensei 1.6.X Premium Edition and i have create a new Policies where i have enter the IP address of my laptop and block for exemple Porno**** And when i try to access it... it's work...
It's only block when the block section is in the Default Policies

Why ?

Thank you in advance

sy · « **Reply #1 on:** November 25, 2020, 05:24:32 pm »

Hi Georges,

When you activated the custom policy, does your IP match the correct policy? Can you check it from Reports - Connections - Live Session Explorer - Policy Column?

Georges · « **Reply #2 on:** November 25, 2020, 10:07:39 pm »

Default

...

I try with both ip and ip/32 but nothing....

sy · « **Reply #3 on:** November 26, 2020, 06:14:15 pm »

Hi Georges,

The policy works and...and. I see that you added a group as well. Your policy matches on LAN interface, in the system group, and the IPs that you added. If one of them is missing, it doesn't apply any item in the policy. So the IP addresses belong to the system group users?

Georges · « **Reply #4 on:** November 26, 2020, 07:50:49 pm »

Ohhh ok i get it.

I remove the system group and user and it's work.

I do not know where is configure system group or user. Sensei conf or Opnsense?

sy · « **Reply #5 on:** November 27, 2020, 06:04:52 pm »

Hi Georges,

Sensei can apply policies for Captive portal and Microsoft AD users and groups. Or, The OPNsense aliases (Firewall - Aliases) use for reporting as top local hosts or kind of local IP reports but not for policy.

Author Topic: Policies don't match Source IP (Read 3558 times)

Georges

Policies don't match Source IP

sy

Re: Policies don't match Source IP

Georges

Re: Policies don't match Source IP

sy

Re: Policies don't match Source IP

Georges

Re: Policies don't match Source IP

sy

Re: Policies don't match Source IP