[SOLVED] Blocked Device IP?

Started by PencilHCV, August 15, 2023, 02:10:34 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
August 15, 2023, 02:10:34 PM Last Edit: August 16, 2023, 07:59:20 PM by PencilHCV
For some reason that I don't know yet and need help with, a computer that has a fixed IP (192.168.1.10) stopped accessing the internet and can't access OPNSense from there. If I change to assigned IP address then everything works. So I tried changing to another fixed IP address (192.168.1.30) and everything works. Internet and can access OPNSense.
Then I tested another computer in the Network and changed to the fixed IP address that did not work (192.168.1.10) and it got the same error. No internet and could not access OPNSense.
This IP address is outside the DHCP Server Scope and has no other device with the same IP.
This error started after I upgraded my OPNSense to 23.7.
Is there a way to look at any logs on OPNSense to see if 192.168.1.10 is being blocked somewhere?
Thanks for any help I can get!
Best regards,
HCV
August 15, 2023, 02:11:37 PM #1
If you set the IP of the computer manually you must also set the default gateway and the DNS server manually. Did you do that?
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
August 15, 2023, 02:13:13 PM #2 Last Edit: August 15, 2023, 02:16:36 PM by PencilHCV
yes, it worked before. And I haven't made any changes.
And I wrote that when I changed to another fixed IP Address (192.168.1.30) + all other settings, NM 255.255.255.0, GW 192.168.1.1 and DNS 192.168.1.1 everything worked
.....it is only the IP address 192.168.1.10 that is blocked
August 15, 2023, 02:46:58 PM #3
When you say blocked, how are you testing?  Just browsing to the OPNSense UI and other websites?  Have you tried pinging or dns lookups?

What do your firewall rules look like?
August 15, 2023, 03:14:29 PM #4
Hi CJ
First, the network icon at the bottom right shows no Internet.
Trying to visit some pages, trying to visit OPNSense Web interface
As for Firewall rules, can't show for security reasons.
But everything worked as it should before upgrading OPNSense.
What I want to know is if there is any log I can look at to see the IP that is not working and where the Internet is being blocked
August 16, 2023, 04:23:48 PM #5
Can anyone answer my question:
If there is a log that can show the LAN IP that is blocked in OPNSense?
Thanks!!

Best regards,
HCV
August 16, 2023, 04:37:22 PM #6
Firewall > Log Files > Live View?
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
August 16, 2023, 07:49:45 PM #7
Thanks Patrick!

For some strange reason, 192.168.1.10 is not blocked again. Very strange and without changing anything.
So everything is working as it should right now. For this time....hehe

Best regards!
HCV
August 16, 2023, 07:51:17 PM #8
How to mark this as solved?

HCV
March 30, 2024, 03:34:28 PM #9
I've had this problem happen to me twice over the last week with two different internal IP addresses of iPhones. After just using different IP addresses, I put some time into it this morning and figured out it was related to the Crowdsec "Enable FW Bouncer (IPS)" feature. Once I disabled that I was able to pass traffic to the internet again for my internal addresses that were impacted.

So I enabled it again and went into the Crowdsec->Overview->Decisions section and saw the two addresses impacted and deleted the entries there. This allowed me to keep the feature on and pass traffic.

This only started happening a week ago and only on two different iPhones. Wondering If they are spamming something, or if it's just a coincidence that the IPs were pulled in from a blocklist somewhere. Don't know enough about how Crowdsec works to determine why the addresses are getting added to a blocklist. Time to research more I guess if it happens again as its getting annoying.
Print
Go Up Pages1
User actions