
How do I add a new Zone to the ANY Zone?

Hi,

I have a new interface E5 and want to add this interface's Zone to the ANY Zone.

How can I do this?

Thanks

 

Jürgen



  • Hi,

    when you create the new interface you configure it to be in the LAN type.

    Ian

  • How do I get this Interface to the ANY Zone?

    The new Interface is automatically in the LAN Zone, but not in any Zone.

    If I set a firewall rule to ANY, this Interface is not used by the rule.

    So I added a new Zone WANE5 and added the interface to this Zone.
    Next I need to change the Firewall rule and tell it to use the WANE5 Zone.

    But still no Internet Access.

  • I don't know what screenshot you need.

    If I make a firewall rule I can select the ANY network.

    But the LAN Interfaces are not part of the ANY network.
    Why?

  • Never heard of such an issue. 

    ANY Interface should include all interfaces configured on XG. That is an automatic process in the backend.

    Maybe you need to disable the interface and recreate it with the same configuration. (Something went wrong in the creation process). 

  • I have a PPPoE Interface assigned to WAN, but no Web Surfing is possible over this WAN Interface.


    So I added a new Zone WANE5 and assigned the PPPoE to WANE5 Zone.
    In the FW Rule I need to add ANY and WANE5 for Surfing the web.

  • Can you please revert everything to classic WAN for PPPoE and show us the LAN to WAN Rule?

    Did you assign MASQ? 

  • I reverted the rule, the Desktop is my PC.

    I only need to change the Primary Gateway to PPPoE Interface (Gateway) and Web Surfing fails.

  • This rule does not work? 

    Can you verify two things:

    Check the outgoing packets on the Interface via tcpdump.

    https://community.sophos.com/products/community-chat/f/knowledge-base-article-suggestions/105811/how-to-tcpdump-on-xg

    And check if you see any packets dropped by XG via "drppkt |grep CLIENT_IP"

  • I see this in the logs...

    2019-05-31 15:25:04 Firewall messageid="01001" log_type="Firewall" log_component="Invalid Traffic" log_subtype="Denied" status="Deny" con_duration="0" fw_rule_id="0" policy_type="0" user="" user_group="" web_policy_id="0" ips_policy_id="0" appfilter_policy_id="0" app_name="" app_risk="0" app_technology="" app_category="" in_interface="PortE0" out_interface="" src_mac="48:4d:7e:d7:60:fb" src_ip="192.168.0.16" src_country="" dst_ip="193.99.144.85" dst_country="" protocol="TCP" src_port="63680" dst_port="443" packets_sent="0" packets_received="0" bytes_sent="0" bytes_received="0" src_trans_ip="" src_trans_port="0" dst_trans_ip="" dst_trans_port="0" src_zone_type="" src_zone="" dst_zone_type="" dst_zone="" con_direction="" con_id="" virt_con_id="" hb_status="No Heartbeat" message="Could not associate packet to any connection." appresolvedby="Signature" app_is_cloud="0"

  • And the Tcpdump? 

    Because this seems to be only invalid Traffic (so called no issue at all, only another symptom).

  • Hi Toni,

    I tried to tcpdump the problems today ...
    I couldn't find any problems on Monday (03.06).

    Today the problem is back again, I tried rebooting VDSL Modem and reconnecting the Line.

    tcpdump shows ...

    Any idea?

    tcpdump -i PortE5  

    09:20:57.194633 PortE5, IN: PPPoE  [ses 0x68] IP office.helpmaster.de.49226 > p50976a5f.dip0.t-ipconnect.de.7680: Flags [S], seq 3293676651, win 64240, options [mss 1400,nop,wscale 8,nop,nop,sackOK], length 0
    09:21:03.820179 PortE5, IN: PPPoE  [ses 0x68] LCP, Echo-Request (0x09), id 9, length 10
    09:21:03.820199 PortE5, OUT: PPPoE  [ses 0x68] LCP, Echo-Reply (0x0a), id 9, length 10
    09:21:13.796342 PortE5, OUT: PPPoE  [ses 0x68] LCP, Echo-Request (0x09), id 15, length 10
    09:21:13.809007 PortE5, IN: PPPoE  [ses 0x68] LCP, Echo-Reply (0x0a), id 15, length 10
    09:21:25.774748 PortE5, IN: PPPoE  [ses 0x68] IP zg-0301d-2.stretchoid.com.34628 > p50976a5f.dip0.t-ipconnect.de.26323: Flags [S], seq 1921522452, win 65535, length 0
    09:21:25.834444 PortE5, IN: PPPoE  [ses 0x68] IP 185.176.27.242.46466 > p50976a5f.dip0.t-ipconnect.de.60339: Flags [S], seq 2323947148, win 1024, length 0
    09:21:32.644070 PortE5, IN: PPPoE  [ses 0x68] IP 185.176.27.242.46466 > p50976a5f.dip0.t-ipconnect.de.45178: Flags [S], seq 2630271547, win 1024, length 0
    09:21:33.820043 PortE5, IN: PPPoE  [ses 0x68] LCP, Echo-Request (0x09), id 10, length 10
    09:21:33.820060 PortE5, OUT: PPPoE  [ses 0x68] LCP, Echo-Request (0x09), id 16, length 10
    09:21:33.820069 PortE5, OUT: PPPoE  [ses 0x68] LCP, Echo-Reply (0x0a), id 10, length 10
    09:21:33.831994 PortE5, IN: PPPoE  [ses 0x68] LCP, Echo-Reply (0x0a), id 16, length 10
    09:21:53.844352 PortE5, OUT: PPPoE  [ses 0x68] LCP, Echo-Request (0x09), id 17, length 10
    09:21:53.856489 PortE5, IN: PPPoE  [ses 0x68] LCP, Echo-Reply (0x0a), id 17, length 10
    09:22:03.666925 PortE5, IN: PPPoE  [ses 0x68] IP dedic-601.freeflux.org.51766 > p50976a5f.dip0.t-ipconnect.de.8089: Flags [S], seq 2219079497, win 65535, length 0
    09:22:03.820136 PortE5, IN: PPPoE  [ses 0x68] LCP, Echo-Request (0x09), id 11, length 10
    09:22:03.820156 PortE5, OUT: PPPoE  [ses 0x68] LCP, Echo-Reply (0x0a), id 11, length 10
    09:22:13.856354 PortE5, OUT: PPPoE  [ses 0x68] LCP, Echo-Request (0x09), id 18, length 10
    09:22:13.868474 PortE5, IN: PPPoE  [ses 0x68] LCP, Echo-Reply (0x0a), id 18, length 10
    09:22:33.820467 PortE5, IN: PPPoE  [ses 0x68] LCP, Echo-Request (0x09), id 12, length 10
    09:22:33.820486 PortE5, OUT: PPPoE  [ses 0x68] LCP, Echo-Reply (0x0a), id 12, length 10
    09:22:33.860349 PortE5, OUT: PPPoE  [ses 0x68] LCP, Echo-Request (0x09), id 19, length 10
    09:22:33.872439 PortE5, IN: PPPoE  [ses 0x68] LCP, Echo-Reply (0x0a), id 19, length 10
    09:22:51.154960 PortE5, IN: PPPoE  [ses 0x68] IP 92.118.37.84.41610 > p50976a5f.dip0.t-ipconnect.de.12178: Flags [S], seq 3369639818, win 1024, length 0
    09:22:53.884352 PortE5, OUT: PPPoE  [ses 0x68] LCP, Echo-Request (0x09), id 20, length 10
    09:22:53.896433 PortE5, IN: PPPoE  [ses 0x68] LCP, Echo-Reply (0x0a), id 20, length 10
    09:23:03.820348 PortE5, IN: PPPoE  [ses 0x68] LCP, Echo-Request (0x09), id 13, length 10
    09:23:03.820367 PortE5, OUT: PPPoE  [ses 0x68] LCP, Echo-Reply (0x0a), id 13, length 10

     

    Another tcpdump

    I disconnected the XG and connected a Laptop to the VDSL Modem.
    In the Modem I enabled VLAN Tagging for the connection (7) and I was able to use the VDSL Modem with my laptop fine.

    Next I removed the laptop and used the XG with VDSL tagging disabled (let the Modem do the tagging) and again no internet.

    Here is the next tcpdump

    09:54:44.038157 PortE5, IN: PPPoE  [ses 0x6c] IP 13.107.21.200.https > p50976a5f.dip0.t-ipconnect.de.59594: Flags [R.], seq 1166334352, ack 3546874443, win 0, length 0
    09:54:45.756947 PortE5, IN: PPPoE  [ses 0x6c] IP 52.114.132.22.https > p50976a5f.dip0.t-ipconnect.de.59597: Flags [R.], seq 3309696796, ack 679283955, win 0, length 0
    09:54:47.904455 PortE5, IN: PPPoE  [ses 0x6c] IP 13.107.21.200.https > p50976a5f.dip0.t-ipconnect.de.59593: Flags [R.], seq 1005546302, ack 1501154643, win 0, length 0
    09:54:48.793960 PortE5, IN: PPPoE  [ses 0x6c] LCP, Echo-Request (0x09), id 3, length 10
    09:54:48.793978 PortE5, OUT: PPPoE  [ses 0x6c] LCP, Echo-Reply (0x0a), id 3, length 10
    09:54:51.900353 PortE5, OUT: PPPoE  [ses 0x6c] LCP, Echo-Request (0x09), id 5, length 10
    09:54:51.912466 PortE5, IN: PPPoE  [ses 0x6c] LCP, Echo-Reply (0x0a), id 5, length 10
    09:55:01.258882 PortE5, IN: PPPoE  [ses 0x6c] IP a-0003.a-msedge.net.https > p50976a5f.dip0.t-ipconnect.de.59733: Flags [R.], seq 1373803168, ack 1350079180, win 0, length 0
    09:55:05.758171 PortE5, IN: PPPoE  [ses 0x6c] IP 92.118.37.84.41610 > p50976a5f.dip0.t-ipconnect.de.43184: Flags [S], seq 3406234753, win 1024, length 0
    09:55:11.924350 PortE5, OUT: PPPoE  [ses 0x6c] LCP, Echo-Request (0x09), id 6, length 10
    09:55:11.936696 PortE5, IN: PPPoE  [ses 0x6c] LCP, Echo-Reply (0x0a), id 6, length 10
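
One way to summarise captures like the two above by direction and packet type, as an added example that is not part of the original thread: the line layout is taken from the output shown, the six sample lines are copied from it, and the function names are made up for this sketch.

```python
import re
from collections import Counter

# Six lines copied from the two PortE5 captures in the post above.
CAPTURE = """\
09:21:03.820179 PortE5, IN: PPPoE  [ses 0x68] LCP, Echo-Request (0x09), id 9, length 10
09:21:03.820199 PortE5, OUT: PPPoE  [ses 0x68] LCP, Echo-Reply (0x0a), id 9, length 10
09:21:25.834444 PortE5, IN: PPPoE  [ses 0x68] IP 185.176.27.242.46466 > p50976a5f.dip0.t-ipconnect.de.60339: Flags [S], seq 2323947148, win 1024, length 0
09:54:44.038157 PortE5, IN: PPPoE  [ses 0x6c] IP 13.107.21.200.https > p50976a5f.dip0.t-ipconnect.de.59594: Flags [R.], seq 1166334352, ack 3546874443, win 0, length 0
09:54:51.900353 PortE5, OUT: PPPoE  [ses 0x6c] LCP, Echo-Request (0x09), id 5, length 10
09:54:51.912466 PortE5, IN: PPPoE  [ses 0x6c] LCP, Echo-Reply (0x0a), id 5, length 10
"""

# Layout as shown above: time, port, direction, PPPoE session id, payload.
LINE = re.compile(r"^\S+ (?P<port>\S+), (?P<dir>IN|OUT): PPPoE\s+"
                  r"\[ses (?P<ses>0x[0-9a-f]+)\] (?P<rest>.*)$")
FLAGS = re.compile(r"Flags \[([A-Z.]+)\]")
TCP_KINDS = {"S": "tcp-syn", "S.": "tcp-synack", "R": "tcp-rst", "R.": "tcp-rst"}

def classify(rest):
    """Label a payload as PPP link keepalive or a kind of TCP segment."""
    if rest.startswith("LCP"):
        return "lcp"
    flags = FLAGS.search(rest)
    if rest.startswith("IP ") and flags:
        return TCP_KINDS.get(flags.group(1), "tcp-other")
    return "other"

def tally(text):
    """Count packets per (direction, kind); lines that do not parse are skipped."""
    counts = Counter()
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:
            counts[(m["dir"], classify(m["rest"]))] += 1
    return counts

def findings(counts):
    """Turn the tally into plain statements about what the capture shows."""
    ip_in = sum(n for (d, k), n in counts.items() if d == "IN" and k != "lcp")
    ip_out = sum(n for (d, k), n in counts.items() if d == "OUT" and k != "lcp")
    notes = []
    if counts[("IN", "lcp")] and counts[("OUT", "lcp")]:
        notes.append("LCP echoes flow both ways: the PPPoE session is up")
    if ip_in and not ip_out:
        notes.append("IP arrives on the port but none leaves it")
    return notes

if __name__ == "__main__":
    print("\n".join(findings(tally(CAPTURE))))
```

Feeding it the complete capture text gives the same per-direction counts for every line, which shows at a glance whether any client traffic is leaving the PPPoE port at all.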
     
