Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Zenarmor (Sensei)
»
Application reports blocked, but still is allowed for use
« previous
next »
Print
Pages: [
1
]
Author
Topic: Application reports blocked, but still is allowed for use (Read 1260 times)
NopSled
Newbie
Posts: 6
Karma: 0
Application reports blocked, but still is allowed for use
«
on:
April 07, 2023, 04:15:52 am »
Hello All -
Recent convert from the "other" sense platform to OPNsense. After installing Zenarmor (Home License) and configuring my first policy, I disabled Instagram within the applications. In the report, I see entries in red showing that it was supposedly blocked, but I am still able to get to the site on the web as well as use the app on my cell phone. I am currently running in "Routed Mode (L3 Mode, Reporting + Blocking) with native netmap driver". Wasn't sure how the blocking actually worked or if I missed something possibly. I do have a PiHole running on the network. I saw in the documentation that PiHole could run in parallel with Zenarmor so long as caching is disabled. Would having a PiHole w/unbound DNS running on the network cause issues with the application blocking?
Edit: Since I point clients to PiHole via DHCP, I pointed my machine to use the default resolver on OPNsense instead and got the same result.
Thanks!
«
Last Edit: April 07, 2023, 04:27:37 am by NopSled
»
Logged
sy
Hero Member
Posts: 595
Karma: 44
Re: Application reports blocked, but still is allowed for use
«
Reply #1 on:
April 07, 2023, 01:00:55 pm »
Hi,
We need to check the configuration. Can you share a bug report from the upper right corner of Zenarmor GUI by selecting Zenarmor logs and configuration checkboxes?
Logged
NopSled
Newbie
Posts: 6
Karma: 0
Re: Application reports blocked, but still is allowed for use
«
Reply #2 on:
April 19, 2023, 01:05:59 am »
Sorry for the delayed response Sy.
I just loaded Zenarmor to a spare appliance that I have here and it now appears to work correctly blocking social media sites from the web settings portion of the policy. I did notice that I am still able to however get to one of the social media sites (Instagram) with the app on my cell phone. The difference between the two configurations are that the other box I had it installed on was using a single trunked interface with 3 VLANs (only the parent interface selected) and this box has discreet interfaces. I will reload to the other appliance and send the logs via the GUI tomorrow when I can take the other box out of service to reconfigure.
Thanks!
Logged
sy
Hero Member
Posts: 595
Karma: 44
Re: Application reports blocked, but still is allowed for use
«
Reply #3 on:
May 01, 2023, 12:53:12 pm »
Hi,
Can you confirm that the mobile phone is matching to the correct policy?
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Zenarmor (Sensei)
»
Application reports blocked, but still is allowed for use