Work laptop disabling local network
-
I just set up squid proxy with pfSense and I noticed yesterday that my internet on my local network was not working. Have a switch with 5 devices:
- Netgate 2100
- PlayStation
- Smart TV
- Personal Computer
- Work laptop because I work a hybrid job
I started diagnosis and pinged all devices I had communication with all but my work laptop because they must have disabled ICMP protocol
I was scratching my head until I had suspicion that my work laptop IT security would be the one to do something funny on my local network so I disconnected that laptop from the wire. Refreshed my browser and sure enough my internet came back.
I tried plugging the ethernet to another vlan instead of to my switch to segment the network. This morning same issue so I believe it is due to proxy squid and I am wondering how can I create a firewall rule to not allow my work laptop to interfere with my other devices. Unless my work laptop just does not like the parameter firewall I maybe blaming the wrong thing I am still trying to understand how this all works.
I hope someone experienced something similar and would not mind sharing their solutions with me.
Best regards
-
@cybersamurai Perhaps it doesn't like the MITM.
Can't really see why you'd need to use Squid proxy for so few devices.
-
@nogbadthebad I am taking this time to experiment and learn a bit more about network security as I am a student aspiring to get into the cyber security field. I was reading a book from no starch press called "Cyber Security for small Networks" ~ Seth Enoka.
In his book he talks about pfSense and mentions the netgate router his was an SG-3100 so I decided I would look into this product since it already had the software installed and I went and purchased the SG-2100 in hopes to replace my Bell hub 3000 however I failed at doing so haha my lack of experience in networking of course. I decided to just run the router of a vlan port and then purchased a switch to wire my devices in my basement. I discovered how powerful pfSense can actually be and found tools like Snort, VPN and proxy Squid and it's antivirus abilities etc. Learning about parameter firewalls and host firewalls like iptables and what not. It peaked my interest in just experimenting.
I actually just followed the instructions and found out about proxy squid and thought it be a great tool for controlling web content for my nephews so they did not end up in places they shouldn't. However that being said with my configuration and with what you said about MITM my work laptop probably picked that up. I dunno if the ocsp.entrust.net or the www msfconnectiontest.com which I see coming from the IP in LightSquid has something to do with MITM I did pick up at one time a server from Alien Vault checking my network for malware or something. I might have to connect the laptop to my main router without pfSense but thought maybe there might be a way around it like adding the work laptop to some ACL or what not.
Sorry for the long winded reply, just wanted to give some context and explain my goals for wanting to learn about proxy squid a bit further.
Cheers!
-
@cybersamurai I don't see how your work laptop can affect other devices, unless
- it is a DHCP server, meaning it would likely break any network to which it was connected
- it has a bad network card
Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
Upvote 👍 helpful posts! -
@steveits Thanks Steve! I'll have to investigate further on the dhcp appreciate it :)
-
@steveits is Wi-Fi and Ethernet connected at the same time I wonder.
-
It could be likely that your work laptop creates a VPN to your business network and thus would be invisible to other devices on your home network.. That is true of mine.
That could be why other devices cannot ping it..
