Default Internet access rule for a network

Follow

Brian Walkowski

• October 27, 2021 22:34

What I'm wondering and testing now is... If using rules... do I need a specific rule to say allow Home network to/from internet?  Seems after several failures... I do but would like some input.

I have Firewalla gold  with two networks.

Network: Repository on Port 1 has a couple SANS on it.

Network: Home on Ports 2&3 Bridged has everything else, laptops, towers, Cell Phones, tablets, TV, Alexa's, Googles, etc..

Been having problems with phones and Tablets connecting to internet... get messages saying no internet connections, and another message on iphone Network is using encrypted DNS...

Thought I had simple rules...

Block Repository to/from Internet

Block repository to/from Home Network

Allow my iphone and laptop to repository

Allow repository to Synology.com Quickconnect.to and Android.com

After some time devices start losing internet connection.  Emergency Access works, Diagnostics shows nothing.   Hoping my Allow everything on Home network to/from Internet keeps things working. 

 

0

• 

  Firewalla

  • October 27, 2021 22:52

  If emergency access works, then the issue is likely related to the rules.  You can selectively pause them and find which ones are causing issues. In case you have a lot of rules, best to start simple and grow them as you go. 

  0

  Comment actions Permalink
• 

  Brian Walkowski

  • October 28, 2021 16:17

  nothing worked this morning.   i put to whole device in bypass and that did nothing.  i then deleted all rules to get things going.   Yet last evening it was working fine,,,, seems after a while something starts going sideway

  are there log files to look at somewhere?

  0

  Comment actions Permalink
• 

  Firewalla

  • October 28, 2021 17:02

  Is your LAN to LAN not working or LAN to WAN not working? by not working, is it all sites or just a few sites? (remember, some rules are DNS based, it may take a few min for it to timeout)

  Usually the logs are /var/log/syslog

  But if it is anything complex, we can help you look by going into the box. 

  0

  Comment actions Permalink
• 

  Chris Thomas

  • October 29, 2021 18:14

  What is this bridge functionality you are talking about with ports?

  0

  Comment actions Permalink
• 

  Brian Ward

  • December 09, 2021 19:23

  FYI - I'm having a similar issue connecting to the Synology Quickconnect service.   I can grand Emergency Access to my NAS and QC works.  Unfortunately I don't have any rules affecting the Synology.   Just the basic "deny WAN all" included by default.

  Much like you, Firewalla doesn't show any blocked flows when the service stops working.

  0

  Comment actions Permalink
• 

  Chris Thomas

  • December 19, 2021 02:10

  @Brian Walkowski,

    What is the network bridge you are talking about?  You cant plug two interfaces from Firewall into the same switch, unless you have placed those two ports on separate VLANs (which also means the switch has to support VLANs)

   

  ...ct

  0

  Comment actions Permalink
• 

  Andy brown

  • December 19, 2021 07:53

  Unless you put the 2 firewall ports into LAG and the switch also supports this.  Then 2 ports are ok into the same switch without Vlans.

  0

  Comment actions Permalink

Please sign in to leave a comment.