
[Solved] - User error - UTM not accepting a firewall rule (or... I'm an idiot) help please

So this is basic

I'm setting up a firewall rule to allow specific VPN traffic

Here's the specific service definition


Attempting to set up a VPN, I get this...

Here are some of the same drops from the full firewall log


Why is this traffic getting blocked?

Key concern is the destination address.
Why is this traffic going to the network address?
This is an Android device so there is little hope of finding a rational adult there to assist.
I'm just hoping I can find some answers here.



  • I would try changing your protocol to either just TCP or UDP.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • What are your interfaces / security zones ?

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • The relevant interfaces are

    - WLAN1 which is the 10.2.0.1/16 net
    - External (WAN) which is a local ISP with gigabit fiber

  • I found a work-around which is not a solution.
    I can create a VPN while not connected to the UTM generated WLAN.
    Then connect the phone to the WLAN. The VPN remains stable, but I still cannot establish a new VPN connection on my Android phone using the UTM.

  • I created individual rules for TCP and UDP and saw no change.

  • Looks like you don't have a rule allowing traffic to the internal network.

    Ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

  • I can't think of traffic I would like reaching the internal network. Can you give me an example of what this traffic might be?

  • I repeat my question: what are your interfaces / zones in relation to those interfaces?

    What we know now: you have an interface "WLAN1" with 10.2.0.1 and I guess this should have /16 as mask.

    Then you have "External WAN" with maybe a public address from your ISP

    rfcat_vk asked for an "Internal" LAN interface, which is normally used for a cabled network.

    If traffic from 10.2.1.7 to 10.2.0.1 is dropped, then you have something misconfigured with your subnet masks.

    With a /16 mask, 10.2.0.1 and 10.2.1.7 would be in the same net and not cause any drops. Are these devices on the same interface?

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.
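The subnet-mask check Philipp describes above, worked through as an added example (not code from the thread or from Sophos). It uses the two addresses named in the thread, 10.2.0.1 for the WLAN1 interface and 10.2.1.7 for the client, and goes slightly beyond the post by comparing a /16 against a /24: under /16 both hosts share 10.2.0.0/16 and talk directly, whereas a client mistakenly configured with /24 sits in 10.2.1.0/24, treats the interface address as off-link and hands the packet to its default gateway instead, which is the kind of mismatch that shows up as unexpected drops.

```python
import ipaddress

# Addresses taken from the thread: the WLAN1 interface and the Android client.
INTERFACE_ADDR = "10.2.0.1"
CLIENT_ADDR = "10.2.1.7"


def same_subnet(addr_a: str, addr_b: str, prefix_len: int) -> bool:
    """True if both hosts fall into the same network under the given prefix length."""
    net_a = ipaddress.ip_interface(f"{addr_a}/{prefix_len}").network
    net_b = ipaddress.ip_interface(f"{addr_b}/{prefix_len}").network
    return net_a == net_b


def peer_view(host: str, peer: str, prefix_len: int) -> dict:
    """Describe how `host`, configured with `prefix_len`, will treat `peer`:
    on-link (delivered directly on the segment) or off-link (sent to the default gateway)."""
    iface = ipaddress.ip_interface(f"{host}/{prefix_len}")
    on_link = ipaddress.ip_address(peer) in iface.network
    return {
        "host": host,
        "network": str(iface.network),
        "peer": peer,
        "peer_is_on_link": on_link,
    }


def compare_masks(host: str, peer: str, prefix_lens=(16, 24)) -> dict:
    """Run peer_view for each candidate mask so a mismatch between the
    interface mask (/16 in the thread) and a client's mask is easy to spot."""
    return {p: peer_view(host, peer, p) for p in prefix_lens}


if __name__ == "__main__":
    for prefix, view in compare_masks(CLIENT_ADDR, INTERFACE_ADDR).items():
        status = "on-link" if view["peer_is_on_link"] else "off-link (sent to gateway)"
        print(f"/{prefix}: {view['host']} in {view['network']} sees {view['peer']} as {status}")
```

Running it prints one line per mask; the /16 line shows the two addresses as on-link and the /24 line shows the interface address as off-link, which is the symptom to look for when a client on the same WLAN is unexpectedly dropped.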