Unknown VPN showing in the Dashboard (sharing experience, no fire)

Follow

JR

• January 30, 2025 15:25

Just a heads-up to fellow testers on something I stumbled across that freaked me out till I figured it out.  In the FW IOS app everything looked ok when I reviewed devices/users/groups but when I looked at the web page (https://my.firewalla.com/#/dashboard) under devices I noticed 2 new VPN connections with the name “AP”. The IP’s weren’t in any of my existing VPN or DHCP nets, my immediate fear was that I’d been hacked.  Investigating this more, the IOS App wasn’t helping at all so I logged into the Firewalla’s CLI and started looking around. Checking the ARP table (arp -a) I was able to find the mystery VPN IP, then searching the list again greping for the VPN’s MAC. I found that it’s the same MAC as the AP7 (I have two which explains the 2 new VPN connections), having 2 connections from the AP to the Firewalla, one being a VPN which I’m suspecting is for AP or mesh management. Anyway, just a sharing so someone else doesn’t have the same 30 min of heart racing fun….

3

• 

  Firewalla

  • January 30, 2025 16:35

  Yes, those networks are used by the AP for mesh management. We will fix the my.firewalla part or clarify that soon.

  2

  Comment actions Permalink

Please sign in to leave a comment.