Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Zenarmor (Sensei)
»
Opnsense with Zenarmor Free, block but not
« previous
next »
Print
Pages: [
1
]
Author
Topic: Opnsense with Zenarmor Free, block but not (Read 1892 times)
Philippe
Newbie
Posts: 4
Karma: 0
Opnsense with Zenarmor Free, block but not
«
on:
December 14, 2023, 11:01:48 am »
Hello,
I am currently testing Zenarmor Free on OPNsense.
The product looks interesting, but I am encountering a strange issue.
The connection logs indicate that a connection has been blocked (there is a red shield icon), but my internet service provider, who uses Abuse, reports receiving an alert.
I might have misconfigured something in OPNsense or Zenarmor, but I'm not sure what it could be.
Does anyone have any ideas?
Please see the attached screenshot.
Thx
Philippe
Logged
Philippe
Newbie
Posts: 4
Karma: 0
Re: Opnsense with Zenarmor Free, block but not
«
Reply #1 on:
December 14, 2023, 12:15:02 pm »
And I would like to specify that I have configured it in Bridge mode (L2).
LAN, WAN, Bridge, and MGMT interfaces.
Logged
sy
Hero Member
Posts: 592
Karma: 44
Re: Opnsense with Zenarmor Free, block but not
«
Reply #2 on:
December 14, 2023, 01:50:12 pm »
Hi,
Did you create bridge on OPNsense or Zenarmor? If it is created on OPNsense, which interface do you protect on Zenarmor?
Logged
Philippe
Newbie
Posts: 4
Karma: 0
Re: Opnsense with Zenarmor Free, block but not
«
Reply #3 on:
December 14, 2023, 01:58:16 pm »
Good question.
I created the bridge mode in Opnsense (as indicated in the doc) then I installed Zenarmor.
I have:
LAN: bce1
WAN: bce0
MGMT: em0
Bridge: bridge0
On Zenarmor, I checked bce0 (lan) and bce1 (wan). I don't see any other interface under Zenarmor.
Sorry, I'm new to this product
Logged
sy
Hero Member
Posts: 592
Karma: 44
Re: Opnsense with Zenarmor Free, block but not
«
Reply #4 on:
December 15, 2023, 01:50:57 pm »
Hi,
No worries. I'm not sure about your ISP detection but, Please protect only inner LAN side interface of the Bridge on Zenarmor.
Logged
Philippe
Newbie
Posts: 4
Karma: 0
Re: Opnsense with Zenarmor Free, block but not
«
Reply #5 on:
December 15, 2023, 01:59:14 pm »
Hi,
I believe the ISP detection is correct.
Additionally, it blocks internet connection if there are too many issues, so I need to find a firewall that blocks effectively.
If I protect the LAN interface, will it also protect against external (internet) attacks ?
But problem if I protect only LAN: "For Bridge Mode, you need to assign an interface for each of the lan and wan security zones."
So if I understand correctly
I should let Zenarmor handle the Bridge and not configure the Bridge in Opnsense?
«
Last Edit: December 15, 2023, 02:01:51 pm by Philippe
»
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Zenarmor (Sensei)
»
Opnsense with Zenarmor Free, block but not