Web traffic log issues WAN / LAN . VirtualBox
-
@pfuzer said in Web traffic log issues WAN / LAN . VirtualBox:
I need to see in the traffic logs exactly the IP of the device
Where do you want to see this? This is logged on pfsense
-
@netblues I need to see it in pfsense, currently the issue is that if a user using a smartphone goes to a website, it shows WAN IP of the router as the source IP.
If someone with a laptop goes to another website it also shows the same WAN IP of the router as the source IP.
I need to see for the web traffic in pfsense the real source IP of the device that generates the traffic.
There is some type of configuration issue, the router is configured in router mode, it doesn't have transparent firewall mode.
-
@pfuzer Yes, the second router does nat, which essentially hides all the devices.
Do you really need that second router there?
-
@netblues there is only one physical router, and I'd like to keep it if possible as the firewall provides an extra protection layer.
-
@pfuzer You don't really need two routers. You will make your network life miserably complicated.
In a nutshell, if the router can disable nat mode, then pf will know which device does what.
Until then, nat hides all.
If you do disable nat on router, it must be substituted by proper routing in order to work.
-
@netblues Thanks for your response. This post on the snb site explains why I'd prefer to keep the asus router protection features enabled (if NAT is disabled in the router, the security features get disabled as well): https://www.snbforums.com/threads/about-disabling-nat-can-still-it-work-as-a-router.27821/
The main difference is that the user in that post has a watchguard firewall, in my case it is the pfsense. However, I did not understand how he solved the issue with the following, how was that done?
ColinTaylor said: I'd hazard a guess that this is because your gateway device doesn't know how to route the incoming (WAN) traffic back to the LAN clients behind the ASUS. It just assumes they are on its switch port whereas they need to be routed through the ASUS.
That was it, Colin! As simple as it appears now, there was no routing back for the traffic sources behind the Asus. It was enough to add a static route on the Watchguard to make it work, with everything on (firewall, vpn, transmission, etc).
-
I just found the following info, do you think the following 6 instructions will do what I want to do, or is there a better way to do the proper routing in order to get it to work (without losing the security features in the asus router)? Currently the speed is fine, not having any speed issues.
http://www.snbforums.com/threads/disabling-nat-on-asus-rt-ac87u.22886/
I was trying to keep the ASUS router up as a transparent (non NAT) gateway so that I would not lose the virus scanning capability of the RT-87U. What then becomes the 'wan' port of the dedicated PC?
ryancarter3 wrote: I just built a similar home box using Home UTM and a Dell Vostro 220 (Core 2 duo, 2gb Ram, 230gb hd). Added an Intel Pci-X Nic. Works fantastically. We have about 9 pc's and 6 tablets and phones.
1. Set the Firewall to be your default gateway (192.168.1.1)
2. setup DHCP with a limit of 45 - 50 IP's depending on if you will have devices not using DHCP.
3. Disable DHCP on your wireless router
4. Connect the LAN port of the firewall to one of the LAN ports of your router.
5. Change the router's IP so that is no longer the default gateway (192.168.1.2)
6. Connect your internet to the WAN port on your firewall pc.
-
@pfuzer What this says is, use the asus as an access point.
As for the advanced and "ai" features of a product which can't behave as a router with nat off, it looks like it was designed by the marketing department, not the engineering one. Use asus as an ap and all will be good.
-
@netblues Thanks for your help, do you know if there is a reliable router with firewall that can be configured in transparent mode and has features such as vlans, ACLs and anti malware protection that doesn't need a paid $ subscription?
-
@pfuzer pfsense with pfblockergng-dev and suricata