Unable to access any network that uses the same ISP as I do
-
One other thing, I trust your WAN rules allow that connection.
-
These are my rules on the wan adapter.
Ive been playing around with vlans and when I get home I will set up my switch to give my openwrt router an ip over a vlan so I can leave my working pfsense network undisturbed. Ill post back with results of that. -
Try disabling RFC1918 rule.
-
So I am home now and after bypassing my pfsense and putting my test laptop out on its own public address that is different from my normal wan network address, I can't access the server I have been trying to. If I ssh out to another even farther server (a raspberry pi 3 in a different city) I can ssh back into the target server but from any IP address under my ISP that is associated with me it blocks. I wonder if its me? Is it likely that I was flagged as suspicious or something? I have a few cron jobs that back up files between these locations and maybe that got me flagged? It ran for a couple years and then all the sudden during the summer it stopped working. I think it may be time to call my ISP and see what happened. BTW disabling the RFC 1918 rule didn't help.
-
I called the support desk for my ISP and it seems they may have flagged me. Too bad.
-
What were you flagged for?
-
@JKnott said in Unable to access any network that uses the same ISP as I do:
What were you flagged for?
Let me guess : he wasn't the only one calling to them mentioning his IP ....
-
The helpdesk didnt confirm as I didnt give my name, but I suspect it may be for the infringement notice. I have more families on my network than just mine. We are all on separate vlans but under the same public ip address.
-
So, you're sharing your connection in violation of the service terms. Yep, that'll do it.
-
@JKnott I dont know how they would know though. Who is to say I dont just have family/friends living with me permanently?
-
Well how many total users?
Also if you were in violation of some policy, wouldn't they just kill your access completely vs blocking you from accessing some other IP of theirs?
Makes no sense.. Hey this guy is sharing his account, lets let him go to the internet, but block his access to other customers IP?
-
I suspect there may be more to this than has been mentioned.
-
Just a couple families. We have recieved infringement notices in previous years but this all happened suddenly about 5 months ago. I dont know. I'm not going to call and ask about any of it outing myself as a user that does more than watch netflix with my immediate family like most people do. I dont want my connection shut off.
-
Then stop sharing. You're violating the terms and apparently have been caught before. Regardless, this has nothing to do with pfsense.
-
Simple test.. Sniff on the dest IP while you try and access or ping its IP from your side. Do you see it see the traffic get there? If so then they are not blocking you at the isp level.
-
I'll have to try it out this afternoon. Thanks for the help everyone. I was sure that my issue had to do with pfsense but I am thinking I was wrong about that.
-
If you say it works via using some other device. Keep in mind that said other device might get a different IP than pfsense got.
I would check what IP you have with mask, so you know the whole range. And what this other IP your trying to access is.. What is the mask on that - are they on the same network, or different ones?
If the IP is on the same network, then pfsense would think its on the same L2 and not send traffic anywhere then directly out its interface. Maybe the isp use private vlans and don't allow devices on the same L2 to talk to each other.
The simple way to know is just sniff on the other end public IP.. When you send traffic there does it get there? If so then you have something else going on, improper port forward, firewall rules, firewall on the dest device behind the other end. etc..
If it doesn't get there, then its being blocked somewhere between you and them.
-
@jdogtotherescue, your ISP already knew who you are. Did you or someone in your home network posted anti-government or anti-lockdown messages on social media recently?
-
@jdogtotherescue said in Unable to access any network that uses the same ISP as I do:
My ISP provides a connection that If you wanted to, you could plug in a simple desktop switch and obtain an address and access the internet. No NAT required on our end
Are you actually receiving a public IP when you do that?
Steve
-
@stephenw10 said in Unable to access any network that uses the same ISP as I do:
Are you actually receiving a public IP when you do that?
Great question ;)
Since he says he can plug in a switch and get how many IPs? 2, 10, 100? I find it highly unlikely that any isp in this day an age would just hand out more than 1 IPv4 address without some added charge or special account (that pays for it)..
For all we know he is behind a CGnat? Are these IPv4 addresses your connecting to or IPv6?
