Cannot connect to main ISP router after installation of Firewalla

Comments

5 comments

  • Avatar
    Firewalla

    Guido, 

    Quick questions

    1. other than not able to connect to your ISP router, is other operations normal on Firewalla?

    2. Have you tried to reboot the ISP router? (what is the router model?)

    Firewalla don't really spoof the ISP router, it is left alone.  (Well, we used to, half year back and we turn that capability off)

  • Avatar
    Guido Beijderwellen
    Hi!,
     
    1. Firewalla is working ok, as far as I can determine.
     
    2. The Internet modem is from Ziggo (ISP) and the type is the Connectbox from Compal CH7465LG. https://www.ziggo.nl/klantenservice/wifi/modem/connect-box/
    I have rebooted the router multiple times without any solution.
     
    3. When I run “arp -a” I see that the mac address of the Firewalla is connected to the ip-address of the main router!
    When I delete the Arp entry, I can access the router again! But then firewalla is no longer working... (no blocking and no data transfer...)??? Apparently the spoofing is not yet off?
     
  • Avatar
    Firewalla

    (3)  when u run arp -a on any machine other than firewalla, and your router, you should see the IP address of the router mapped to MAC of firewalla.  This is the spoofing part (1).

    Let me open a case and you need to help us a bit and give us support access.  This is the first time we seen that router. 

  • Avatar
    Guido Beijderwellen

    The mac addresses of the Router and of firewalla are:

     

    When I run arp -a from the macbook I see that on the first line firewalla has taken the ip address.

    Now, when I reboot the macbook I suddenly CAN access the ISP router again, even though the
    ARP table has the incorrect combination. I don't understand this. I could not access the ISP router
    for several days until now! But now I have restarted both the router and the macbook, the first
    try of http://192.168.0.1 failed, but the second try I worked!!!

    But ARP -a still shows the above screen! I don't understand this. Why is it working sometimes
    and sometimes it isn't?

    Guido

  • Avatar
    Firewalla

    Guido, I've deleted the screen shot since it has full mac addresses.  The observation is correct.  What happen with spoofing is this

    1. Firewalla tells the macbook, hey I am the router, here is my MAC address.  Then on your macbook you will see 192.168.0.1 mapped to MAC of firewalla

    2. When macbook send packets, it will send to MAC address of firewalla.

    3. Firewalla will receive the packet and then forward it to the real router by rewrite the MAC to the MAC of the router.

    This is the 'spoof' at work.  Firewalla in this case is an routing element.  

    More here

    https://help.firewalla.com/hc/en-us/articles/115004292514-Tutorial-How-does-Firewalla-Intercept-Traffic-

Please sign in to leave a comment.

Powered by Zendesk