OPNsense Forum » English Forums » General Discussion » basic fw troubleshooting
Topic: basic fw troubleshooting (Read 782 times)
9axqe (Full Member, Posts: 198, Karma: 4)
basic fw troubleshooting « on: August 27, 2023, 06:41:21 pm »
Hello,
I'm still very new at OPNsense, so apologies in advance if this is a very trivial question.
Scenario:
* I believe I have blocked specific IPs on my LAN subnet from talking to the LAN subnet in general (they should only have internet access).
* On a device with such an IP (I checked the IP both in DHCP leases and on the device itself, let's say it's 192.168.1.201) I load http://192.168.1.100. It works, which is not what I expect.
Now I would like to troubleshoot it and understand which fw rule is allowing this through.
But I cannot find this connection anywhere, neither under troubleshooting>states, nor under troubleshooting>sessions. In both cases, I filter using the .201 IP. I do see some connections from that IP, but all to the internet, nothing to the .100 IP.
What am I missing?
Monviech (Hero Member, Posts: 1478, Karma: 169)
Re: basic fw troubleshooting « Reply #1 on: August 27, 2023, 09:15:47 pm »
All devices in the same subnet 192.168.1.0/24 (=connected to the same switch in the same VLAN) can talk to each other directly by using the ARP protocol.
You can't block that traffic with a standard configured OPNsense. For such scenarios you need a Layer 2 Firewall. If you have enough ports you can look into transparent bridge configuration.
Hardware: DEC740
9axqe (Full Member, Posts: 198, Karma: 4)
Re: basic fw troubleshooting « Reply #2 on: August 28, 2023, 08:58:58 am »
Ah, of course... I do have a bridge and I see some LAN traffic on Sense, at least the traffic that has to cross the bridge and I wrongly assumed I was supposed to see all LAN traffic...
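Added example, not part of the thread: a small audit that flags filter rules which can never match because source and destination sit in the interface's own subnet, which is why no state for .201 to .100 shows up. It assumes a routed, non-bridged LAN interface at 192.168.1.1/24 and a simplified, hypothetical rule format (not OPNsense's configuration format); all sample values are constructed.

```python
import ipaddress

# Constructed sample data, not taken from the thread: a routed (non-bridged)
# LAN interface and filter rules in a simplified, hypothetical format.
LAN = ipaddress.ip_interface("192.168.1.1/24")
RULES = [
    {"id": "block-201-to-lan", "src": "192.168.1.201/32", "dst": "192.168.1.0/24"},
    {"id": "block-201-to-100", "src": "192.168.1.201/32", "dst": "192.168.1.100/32"},
    {"id": "block-201-to-dmz", "src": "192.168.1.201/32", "dst": "10.0.50.0/24"},
    {"id": "block-201-to-any", "src": "192.168.1.201/32", "dst": "0.0.0.0/0"},
]

def on_link(host, peer, iface):
    """True when host delivers to peer directly at layer 2, bypassing the gateway."""
    net = iface.network
    return ipaddress.ip_address(host) in net and ipaddress.ip_address(peer) in net

def audit_rule(rule, iface):
    """Say how much of a rule's traffic can ever arrive on the routed interface."""
    net = iface.network
    src = ipaddress.ip_network(rule["src"])
    dst = ipaddress.ip_network(rule["dst"])
    if not src.subnet_of(net):
        return "source-not-on-subnet"
    if dst.subnet_of(net):
        # Same-subnet peers are reached via ARP; only packets addressed to the
        # firewall's own IP on this interface are ever seen by the filter.
        return "firewall-ip-only" if iface.ip in dst else "never-matches"
    if dst.overlaps(net):
        return "partial"    # on-link destinations bypass the rule
    return "effective"      # destination is off-subnet, so traffic is routed

def audit(rules, iface):
    """Map each rule id to its verdict for the given interface."""
    return {r["id"]: audit_rule(r, iface) for r in rules}

if __name__ == "__main__":
    for rule_id, verdict in audit(RULES, LAN).items():
        print(f"{rule_id:20} {verdict}")
```

The verdicts do not apply to segments joined by a bridge on the firewall itself, since frames crossing that bridge do pass through it.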