Products Firewalla Gold SE Firewalla Gold Pro Firewalla Gold Plus Firewalla Purple Firewalla Purple SE Firewalla Wi-Fi SD Product Comparison Product Reviews

Firewalla Blue active protect problem

Follow
Avatar
Roel Rothkrans

Hello,

All of a sudden I have a problem with the Active Protect option it seems. I have a Synology NAS in my network. From today coming from an external address (I tried at least 3 separate external addresses) the Synology is very sluggish and is continuesly stating that there are networkproblems when opening different services or apps. I also get notification mails from the Synology that there are problems with my site-to-site VPN-service (I made a trigger on that from the Synology log center). I have turned off my Firewalla Blue and that seemed to do the trick. The Synology becomes responsive as normal and starts connecting different services immediately (e.g. VPN, Onedrive sync). So I deep dived in the Firewalla, but can't find any of the external addresses I used today among the adresses in the "Block Rules section", also not under the "Active Protect Rules". However it seems more like it is blocking certain outgoing traffic coming from the NAS, because why would I still be able to (sluggishly) log in and "use" the site and why would my site-to-site VPN become disconnected? But the NAS-ip isn't listed in any block rule as well. After further searching and reading the text at the Active Protect setting about auto-blocking high risk network activities, as a test I just turned off the feature. And now all seems to work fine again with only the Firewalla monitoring mode. However I would like to use the Active Protect feature as I have always done. 

So my questions, am I correct in believing the issue is in the traffic coming from the NAS? Secondly, how do I solve the issue, so that I can use Active Protect again?   

0

Comments

7 comments

Sort by Date Votes
  • Avatar
    Firewalla

    The first thing is always to check the rule button and see if there is anything that may potentially be blocking these connections.   Some of the rules are dynamic, meaning they first block DNS and then will block the IP that the DNS resolves to.   Some rules are automatically learning ... 

    To verify if the rules are blocking your NAS, simply disable monitoring on the device and if everything works, then it is a rule somewhere blocking something. 

    As of the time of this message, we are working on a few tools to make this simpler ... hopefully they go to beta soon

    0
    Comment actions Permalink
  • Avatar
    Roel Rothkrans
    • Edited

    Yeah, but that's just it. When I turn off the Firewalla or the monitoring feature the Synology responds just fine. So I turned it back on and started looking further. With monitoring on again, it was sluggish. So loohing further I turned off the Active Protect option. After that it all worked fine with monitoring on. So there seems to be something in the Active Protect what is blocking services. However, looking under "Rules -> Blocking rules -> Active Protect Rules" I only see IP-addresses, and the IP of the NAS or the external addresses I came from weren't mentioned there.

    Where can I look any further to solve this and see services that are blocked if the IP's aren't listed in the Blocking Rules or Active Protect Rules?

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    Do you mean when the problem happened, you didn't have any rules, except active protect rules?   The default set usually is very high-risk IP addresses, that we block by default.  Would you mind sending the IP address that's blocked to help@firewalla.com? we can take a look 

    0
    Comment actions Permalink
  • Avatar
    Roel Rothkrans

    No, I turned Monitoring on, and Active Protect off. That's the combination that works. But now I have active protect "off" (and monitoring still "on") and don't know how to get Active Protect back on aswell, without disturbing my Synology traffic again. 

    0
    Comment actions Permalink
  • Avatar
    Support

    Hi,

    Can you please send an email to help@firewalla.com so that we can further track the issue in the support system? Can you please also enable remote support access and share the credential with us in the email so that we can do remote troubleshooting? Here is a guide on how to enable remote support access: https://help.firewalla.com/hc/en-us/articles/115004705654-Tutorial-Support

     

    Thanks

    0
    Comment actions Permalink
  • Avatar
    Chad Sealock

    Was this resolved, because this behavior sounds like exactly the same behavior I'm experiencing.  The issue isn't happening with a NAS, but with my kid's Chromebook logins for their school accounts. Whenever Active Protect is enabled, the internet is extremely sluggish.  The moment that Active Protect is disabled, normal speed resumes.  It's not a device issues, since it happens on multiple devices, but only when they login with their school Chromebook accounts.  If they login in with their personal accounts, the connectivity is as expected.

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    Try to follow this article and see if you can find the rule that's blocking https://help.firewalla.com/hc/en-us/articles/360050255274-What-to-do-when-you-can-t-access-certain-websites-

     

    0
    Comment actions Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post