Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Zenarmor (Sensei)
»
Zenarmor blocking VLAN randomly
« previous
next »
Print
Pages: [
1
]
Author
Topic: Zenarmor blocking VLAN randomly (Read 774 times)
lorem
Newbie
Posts: 10
Karma: 0
Zenarmor blocking VLAN randomly
«
on:
May 21, 2024, 02:56:35 am »
This is for a new install with updates. The LAN and DMZ are configured. A PC connected to the LAN is never interrupted. An Android connected to the WiFi router connected to DMZ is getting blocked after a random delay. In Zenamor->Live Sessions->Blocks tab, the application protocols such as DHCP, QUIP, NTP are showing rejected. But these are allowed in policies. Often the Android is still on the internet without apparent interruption for about 10 - 30 minutes, generating random rejected reports in the Blocks tab. then it is suddenly totally blocked. If I set Bypass mode it is always suddenly is back online with no interruptions.
«
Last Edit: May 21, 2024, 03:01:00 am by lorem
»
Logged
lorem
Newbie
Posts: 10
Karma: 0
Re: Zenarmor blocking VLAN randomly
«
Reply #1 on:
May 21, 2024, 04:57:40 am »
Setting Deployment mode to Passive Mode changes nothing. How is this possible in passive mode? Is something else the real problem?
«
Last Edit: May 21, 2024, 05:06:40 am by lorem
»
Logged
sy
Hero Member
Posts: 593
Karma: 44
Re: Zenarmor blocking VLAN randomly
«
Reply #2 on:
May 21, 2024, 11:43:43 am »
Hi,
Thanks for reporting the issue. Zenarmor uses pcap in passive mode instead of netmap. pcap provides a copy of packets and zenarmor can not affect the traffic. Do you restart the engine aftr you change the deployment mode?
And can you share the block message for the blocked VLAN traffic in Live Session - Blocks?
Logged
lorem
Newbie
Posts: 10
Karma: 0
Re: Zenarmor blocking VLAN randomly
«
Reply #3 on:
May 21, 2024, 01:47:43 pm »
I solved it by doing "Reset Zenarmor to factory defaults," then stepping through and restoring the Policies settings and repeatedly testing. I block everything except what is needed for network functions and my VPN traffic. This time there was only HTTP and HTTPS that recorded as blocked. The phone OS was calling home so I unblocked HTTPS. None of the previous network blocking reoccurred. It is working OK now.
To answer your question I assume you mean the Live Session, Blocks tab, the "Block message" column. I've attached screenshots of the Blocks and Connections tabs during that time.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Zenarmor (Sensei)
»
Zenarmor blocking VLAN randomly