Local IP get blocked by Caddy on domain with Access list

Started by verlenord, April 23, 2025, 11:20:01 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
April 23, 2025, 11:20:01 AM
Hello

I need your help :-)
First, I'd like to point out that I'm a beginner and that I was able to set up my setup thanks to the various tutorials on the internet. Please forgive me for using terms that may be incorrect or imprecise when defining certain things. I'm a fast learner, but I still have a lot of gaps ...

I have installed and configured Caddy as described in the documentation, and it works perfectly well in general.

However, for some time now, I've been having problems with certain domains that I've configured to be accessible only by local ip's (Access list). At first, everything worked fine, then, after a while, ~1 month, I couldn't access them, as my ip address was no longer considered local. My laptop is configured with a fixed ip and when I change it, I can access the protected url again. This problem also arises with vpn ip addresses.

I have Crowdsec, Suricat and Zenarmor installed and configured on the router. My first thought was that somehow my ip was banned somewhere, but I couldn't find any trace in the aliases. I've also deactivated all 3 without success.

When I come back to an old fixed ip after some times, it works again and for a while, before being blocked again. I confess I don't know where to look.

Here's my access list setting:

192.168.10.0/24
10.10.10.0/24
192.168.0.0/24
192.168.30.0/24
192.168.20.0/24

Any help would be very much appreciated
Thanks
April 23, 2025, 11:24:57 AM #1
And your laptop's blocked IP address is exactly?

Any possibility your laptop is using IPv6 to access the service in question?
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
April 23, 2025, 11:58:33 AM #2
My laptop IP is 192.168.20.45

Regarding IPv6, I have to admit that I'm really not comfortable with it. I haven't really looked into how it works.

I do have an IPv6 address, here's the info I get :

en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
   options=6460<TSO4,TSO6,CHANNEL_IO,PARTIAL_CSUM,ZEROINVERT_CSUM>
   ether 52:50:98:ef:ab:ad
   inet 192.168.20.45 netmask 0xffffff00 broadcast 192.168.20.255
   inet6 fe80::8ce:8fce:921c:14b0%en0 prefixlen 64 secured scopeid 0xe
   nd6 options=201<PERFORMNUD,DAD>
   media: autoselect
   status: active

Print
Go Up Pages1
User actions