No more Internet access since yesterday afternoon.

darkcorner

No more Internet access since yesterday afternoon.
I don't remember changing the configuration.
The Gateway is online.
The WAN and LAN cards are Up.
DDNS reports correct IP.
I have checked DNS Resolver and it looks OK to me.
In LOG I don't see anything abnormal.
I've tried disabling Squid and anything I don't need.

I can always access the WebGUI from the LAN.
From here I ping 8.8.8.8: from WAN it works, from LAN it doesn't.
Even OpenVPN no longer goes remotely.
I have no idea what else to check.

viragomann

@darkcorner said in No more Internet access since yesterday afternoon.:

I have checked DNS Resolver and it looks OK to me.

Better check if DNS resolution is working on a LAN device.
What do you get?
What tells the browser?

I can always access the WebGUI from the LAN.
From here I ping 8.8.8.8: from WAN it works, from LAN it doesn't.

Changing the source in the ping tool to LAN will not work.

Better try to ping 8.8.8.8 from a LAN device.

stephenw10

If you can ping in the gui from WAN (or default) but not LAN it's likely outbound NAT is not working for some reason.
Check Diag > States for correctly NAT'd traffic on WAN. Start a ping from a LAN client. Filter for that ping.

If there are no states at all there could be a problem with the ruleset. You should see alerts shown on in the GUI when that happens but you can also trigger it in Status > Filter Reload. Reload the ruleset, note any errors.

What is the firewall uptime (shown on the dash)? Did it reboot when this started?

Steve

darkcorner

The Windows 10 icon does not report errors, but the Internet is not working. I can neither browse nor ping 8.8.8.8
I also reset Diag / States.
I see no errors.
I've rebooted, several times.
This is a test environment and it is not a problem to delete everything to recreate it, but it was working fine and I would like to understand what happened.

I put this firewall on stand-by and work with an updated copy.
I'll try to test option by option to see what has changed.
Thanks to all.

stephenw10

What do you see in the states though? Is it opening states on LAN and WAN for the client traffic as expected?

darkcorner

@stephenw10
I had already looked and I did not seem to find errors even here.
It is true, however, that I find it hard to understand what is displayed, for example all those ports, always different, associated to the IP address.
I read the documentation, but it didn't help me and I made a point of looking into it further later.

For the moment I have solved it by restoring a basic version of the VM and continuing to test this new one.

Thanks anyway.

stephenw10

If you ping 1.1.1.1 from a client on LAN and then look for that in the state table you should see something like this:

So a state allowing it in on LAN and another state allowing it out on WAN and also NATing the source to the WAN IP (also a private IP in my example).

Steve