Opnsense with Zenarmor Free, block but not

[Philippe]

Hello,
I am currently testing Zenarmor Free on OPNsense.
The product looks interesting, but I am encountering a strange issue.
The connection logs indicate that a connection has been blocked (there is a red shield icon), but my internet service provider, who uses Abuse, reports receiving an alert.
I might have misconfigured something in OPNsense or Zenarmor, but I'm not sure what it could be.

Does anyone have any ideas?

Please see the attached screenshot.

Thx

Philippe

[Philippe]

And I would like to specify that I have configured it in Bridge mode (L2).
LAN, WAN, Bridge, and MGMT interfaces.

[sy]

Hi,

Did you create bridge on OPNsense or Zenarmor? If it is created on OPNsense, which interface do you protect on Zenarmor?

[Philippe]

Good question.

I created the bridge mode in Opnsense (as indicated in the doc) then I installed Zenarmor.

I have:
LAN: bce1
WAN: bce0
MGMT: em0
Bridge: bridge0

On Zenarmor, I checked bce0 (lan) and bce1 (wan). I don't see any other interface under Zenarmor.

Sorry, I'm new to this product 

[sy]

Hi,

No worries. I'm not sure about your ISP detection but, Please protect only inner LAN side interface of the Bridge on Zenarmor.

[Philippe]

Hi,

I believe the ISP detection is correct.
Additionally, it blocks internet connection if there are too many issues, so I need to find a firewall that blocks effectively.

If I protect the LAN interface, will it also protect against external (internet) attacks ?
But problem if I protect only LAN: "For Bridge Mode, you need to assign an interface for each of the lan and wan security zones."


So if I understand correctly I should let Zenarmor handle the Bridge and not configure the Bridge in Opnsense?