Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Unable to access any network that uses the same ISP as I do

    Scheduled Pinned Locked Moved General pfSense Questions
    46 Posts 7 Posters 16.8k Views 6 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • JKnottJ Offline
      JKnott @JKnott
      last edited by

      @JKnott

      One other thing, I trust your WAN rules allow that connection.

      PfSense running on Qotom mini PC
      i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
      UniFi AC-Lite access point

      I haven't lost my mind. It's around here...somewhere...

      1 Reply Last reply Reply Quote 0
      • J Offline
        jdogtotherescue
        last edited by

        wanrules.png
        These are my rules on the wan adapter.
        Ive been playing around with vlans and when I get home I will set up my switch to give my openwrt router an ip over a vlan so I can leave my working pfsense network undisturbed. Ill post back with results of that.

        1 Reply Last reply Reply Quote 0
        • PippinP Offline
          Pippin
          last edited by

          Try disabling RFC1918 rule.

          I gloomily came to the ironic conclusion that if you take a highly intelligent person and give them the best possible, elite education, then you will most likely wind up with an academic who is completely impervious to reality.
          Halton Arp

          1 Reply Last reply Reply Quote 1
          • J Offline
            jdogtotherescue
            last edited by

            So I am home now and after bypassing my pfsense and putting my test laptop out on its own public address that is different from my normal wan network address, I can't access the server I have been trying to. If I ssh out to another even farther server (a raspberry pi 3 in a different city) I can ssh back into the target server but from any IP address under my ISP that is associated with me it blocks. I wonder if its me? Is it likely that I was flagged as suspicious or something? I have a few cron jobs that back up files between these locations and maybe that got me flagged? It ran for a couple years and then all the sudden during the summer it stopped working. I think it may be time to call my ISP and see what happened. BTW disabling the RFC 1918 rule didn't help.

            1 Reply Last reply Reply Quote 0
            • J Offline
              jdogtotherescue
              last edited by

              I called the support desk for my ISP and it seems they may have flagged me. Too bad.

              JKnottJ 1 Reply Last reply Reply Quote 0
              • JKnottJ Offline
                JKnott @jdogtotherescue
                last edited by

                @jdogtotherescue

                What were you flagged for? ๐ŸŽ ๐Ÿ˜‰

                PfSense running on Qotom mini PC
                i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
                UniFi AC-Lite access point

                I haven't lost my mind. It's around here...somewhere...

                GertjanG 1 Reply Last reply Reply Quote 0
                • GertjanG Offline
                  Gertjan @JKnott
                  last edited by

                  @JKnott said in Unable to access any network that uses the same ISP as I do:

                  @jdogtotherescue

                  What were you flagged for? ๐ŸŽ ๐Ÿ˜‰

                  Let me guess : he wasn't the only one calling to them mentioning his IP ....

                  No "help me" PM's please. Use the forum, the community will thank you.
                  Edit : and where are the logs ??

                  1 Reply Last reply Reply Quote 1
                  • J Offline
                    jdogtotherescue
                    last edited by

                    The helpdesk didnt confirm as I didnt give my name, but I suspect it may be for the infringement notice. I have more families on my network than just mine. We are all on separate vlans but under the same public ip address.

                    JKnottJ 1 Reply Last reply Reply Quote 0
                    • JKnottJ Offline
                      JKnott @jdogtotherescue
                      last edited by

                      @jdogtotherescue

                      So, you're sharing your connection in violation of the service terms. Yep, that'll do it.

                      PfSense running on Qotom mini PC
                      i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
                      UniFi AC-Lite access point

                      I haven't lost my mind. It's around here...somewhere...

                      J 1 Reply Last reply Reply Quote 0
                      • J Offline
                        jdogtotherescue @JKnott
                        last edited by

                        @JKnott I dont know how they would know though. Who is to say I dont just have family/friends living with me permanently?

                        1 Reply Last reply Reply Quote 0
                        • johnpozJ Offline
                          johnpoz LAYER 8 Global Moderator
                          last edited by

                          Well how many total users?

                          Also if you were in violation of some policy, wouldn't they just kill your access completely vs blocking you from accessing some other IP of theirs?

                          Makes no sense.. Hey this guy is sharing his account, lets let him go to the internet, but block his access to other customers IP?

                          An intelligent man is sometimes forced to be drunk to spend time with his fools
                          If you get confused: Listen to the Music Play
                          Please don't Chat/PM me for help, unless mod related
                          SG-4860 24.11 | Lab VMs 2.8, 24.11

                          JKnottJ 1 Reply Last reply Reply Quote 0
                          • JKnottJ Offline
                            JKnott @johnpoz
                            last edited by

                            @johnpoz

                            I suspect there may be more to this than has been mentioned.

                            PfSense running on Qotom mini PC
                            i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
                            UniFi AC-Lite access point

                            I haven't lost my mind. It's around here...somewhere...

                            1 Reply Last reply Reply Quote 0
                            • J Offline
                              jdogtotherescue
                              last edited by

                              Just a couple families. We have recieved infringement notices in previous years but this all happened suddenly about 5 months ago. I dont know. I'm not going to call and ask about any of it outing myself as a user that does more than watch netflix with my immediate family like most people do. I dont want my connection shut off.

                              JKnottJ 1 Reply Last reply Reply Quote 0
                              • JKnottJ Offline
                                JKnott @jdogtotherescue
                                last edited by

                                @jdogtotherescue

                                Then stop sharing. You're violating the terms and apparently have been caught before. Regardless, this has nothing to do with pfsense.

                                PfSense running on Qotom mini PC
                                i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
                                UniFi AC-Lite access point

                                I haven't lost my mind. It's around here...somewhere...

                                1 Reply Last reply Reply Quote 0
                                • johnpozJ Offline
                                  johnpoz LAYER 8 Global Moderator
                                  last edited by

                                  Simple test.. Sniff on the dest IP while you try and access or ping its IP from your side. Do you see it see the traffic get there? If so then they are not blocking you at the isp level.

                                  An intelligent man is sometimes forced to be drunk to spend time with his fools
                                  If you get confused: Listen to the Music Play
                                  Please don't Chat/PM me for help, unless mod related
                                  SG-4860 24.11 | Lab VMs 2.8, 24.11

                                  1 Reply Last reply Reply Quote 0
                                  • J Offline
                                    jdogtotherescue
                                    last edited by

                                    I'll have to try it out this afternoon. Thanks for the help everyone. I was sure that my issue had to do with pfsense but I am thinking I was wrong about that.

                                    1 Reply Last reply Reply Quote 0
                                    • johnpozJ Offline
                                      johnpoz LAYER 8 Global Moderator
                                      last edited by

                                      If you say it works via using some other device. Keep in mind that said other device might get a different IP than pfsense got.

                                      I would check what IP you have with mask, so you know the whole range. And what this other IP your trying to access is.. What is the mask on that - are they on the same network, or different ones?

                                      If the IP is on the same network, then pfsense would think its on the same L2 and not send traffic anywhere then directly out its interface. Maybe the isp use private vlans and don't allow devices on the same L2 to talk to each other.

                                      The simple way to know is just sniff on the other end public IP.. When you send traffic there does it get there? If so then you have something else going on, improper port forward, firewall rules, firewall on the dest device behind the other end. etc..

                                      If it doesn't get there, then its being blocked somewhere between you and them.

                                      An intelligent man is sometimes forced to be drunk to spend time with his fools
                                      If you get confused: Listen to the Music Play
                                      Please don't Chat/PM me for help, unless mod related
                                      SG-4860 24.11 | Lab VMs 2.8, 24.11

                                      1 Reply Last reply Reply Quote 0
                                      • AKEGECA Offline
                                        AKEGEC
                                        last edited by

                                        @jdogtotherescue, your ISP already knew who you are. Did you or someone in your home network posted anti-government or anti-lockdown messages on social media recently?

                                        1 Reply Last reply Reply Quote 1
                                        • stephenw10S Offline
                                          stephenw10 Netgate Administrator
                                          last edited by

                                          @jdogtotherescue said in Unable to access any network that uses the same ISP as I do:

                                          My ISP provides a connection that If you wanted to, you could plug in a simple desktop switch and obtain an address and access the internet. No NAT required on our end

                                          Are you actually receiving a public IP when you do that?

                                          Steve

                                          J 1 Reply Last reply Reply Quote 0
                                          • johnpozJ Offline
                                            johnpoz LAYER 8 Global Moderator
                                            last edited by

                                            @stephenw10 said in Unable to access any network that uses the same ISP as I do:

                                            Are you actually receiving a public IP when you do that?

                                            Great question ;)

                                            Since he says he can plug in a switch and get how many IPs? 2, 10, 100? I find it highly unlikely that any isp in this day an age would just hand out more than 1 IPv4 address without some added charge or special account (that pays for it)..

                                            For all we know he is behind a CGnat? Are these IPv4 addresses your connecting to or IPv6?

                                            An intelligent man is sometimes forced to be drunk to spend time with his fools
                                            If you get confused: Listen to the Music Play
                                            Please don't Chat/PM me for help, unless mod related
                                            SG-4860 24.11 | Lab VMs 2.8, 24.11

                                            JKnottJ 1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.