Netgate Discussion Forum

    WAN goes offline intermittently due to Android phone running Tor Orbot

      joshkraemer

      Hi,

      Every time a user on my small office network uses the Tor Orbot proxy app on his Android phone, my WAN goes offline intermittently and I can't reach pfSense through the web interface. When he closes the app, everything works fine again.

      Here's what I see in the logs when it happens. This message repeats itself once every second until the Tor Orbot app is closed.

      kernel: arp: xx:xx:xx:xx:xx:xx is using my IP address 10.10.10.1 on em1!
      

      10.10.10.1 is the LAN gateway IP address of my firewall. xx:xx:xx:xx:xx:xx is the MAC address of the phone. I have given the Android phone's MAC address a static DHCP lease, but it still tries to use the gateway IP. What can I do to prevent the phone/app from attempting to use the LAN gateway IP address?

      I am using pfSense 2.0.1-RELEASE on a Hacom Mars II pfSense 1U Server (2GB DDR3 SO-DIMM, 2GB SATA DOM storage).
      2016-06-21_0950.png

        Gertjan

        Hi,

        What about a firewall rule specially created for this device?

        I am using pfSense 2.0.1-RELEASE

        ;D
        Can you publish a photo, please?
        We have a photo of this "Windows 98 PC" up and running, but "pfSense 2.0.1" is missing in our collection ;)

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

          joshkraemer

          @Gertjan:

          Can you publish a photo, please?

          Done :) (see the above attachment)

            joshkraemer

            Would this work for the firewall rule?

            I have a static DHCP lease for the device's address assigned to 10.10.10.6. I am blocking any traffic from that IP to the LAN address.

            2016-06-21_1108.png

              divsys

              If your intention is to stop that device from reaching the internet, you need to move that rule to the WAN tab and change the dest. to "Any".

              As it is, that rule will never match anything, as pfSense doesn't need to be involved in LAN-LAN traffic.

              -jfp

                joshkraemer

                Ok, thanks. I don't need to block the device from using the internet.

                I need to prevent it from using my pfSense firewall's IP address of 10.10.10.1.

                I believe Tor Orbot creates a VPN, but I don't know much else about the app.

                Though if I can't do anything else, I suppose blocking the device from the internet will be the best bet.

                  divsys

                  Well in that case, leave your rule on the LAN Tab and change the destination to 10.10.10.1.  If you really want to block it from everything, change the destination to "any".

                  That'll block the device from talking to pfSense at all.
                  It will still be able to talk to other devices on your network and/or flood your LAN with requests.
                  Those don't go through pfSense at all, just your switch or AP.

                  -jfp

                    cmb

                    That's a question for an Android forum. The phone is causing an IP conflict on your gateway IP; there is nothing you can do at the firewall level to stop that from happening. There must be some kind of IP configuration in the Orbot app that's set to use that IP, or else somewhere else on that phone. Even if you block the phone from reaching the Internet, that won't stop the IP conflict it's creating from breaking everything else on your LAN.

                      joshkraemer

                      Thanks everyone. I have successfully blocked the device using a MAC address filter on my wireless APs so that the phone can't even connect to the wifi network. This keeps the network stable when the employee comes in to the office and forgets to turn off the wifi or Tor Orbot app on his phone.

                      The only other options I can think of are to A.) change the IP configuration on the Orbot app or B.) Change my pfSense IP.

                      I will continue looking on Android and Tor forums for more info.

                      1 Reply Last reply Reply Quote 0
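
Added example, not posted by anyone in this thread: a small detector for the kernel ARP conflict message quoted in the first post. It groups conflicts by claiming MAC, flags sustained ones, and checks the MAC against static DHCP mappings, which shows that a static lease does not stop a host from claiming another address over ARP. The syslog prefix, MAC addresses, lease table, thresholds and function name are all assumptions made for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

# Message text is from the kernel line quoted in the first post; the
# "Mon DD HH:MM:SS host" syslog prefix is an assumption.
CONFLICT_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2}\s\d{2}:\d{2}:\d{2})\s+\S+\s+kernel:\s+arp:\s+"
    r"(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})\s+is using my IP address\s+"
    r"(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s+on\s+(?P<iface>\w+)!",
    re.IGNORECASE,
)

# Constructed sample log (hostname and MAC addresses are made up).
SAMPLE_LOG = """\
Jun 21 09:50:01 fw kernel: arp: 02:00:00:aa:bb:cc is using my IP address 10.10.10.1 on em1!
Jun 21 09:50:02 fw kernel: arp: 02:00:00:aa:bb:cc is using my IP address 10.10.10.1 on em1!
Jun 21 09:50:02 fw dhcpd: DHCPACK on 10.10.10.6 to 02:00:00:aa:bb:cc via em1
Jun 21 09:50:03 fw kernel: arp: 02:00:00:AA:BB:CC is using my IP address 10.10.10.1 on em1!
Jun 21 09:50:04 fw kernel: arp: 02:00:00:aa:bb:cc is using my IP address 10.10.10.1 on em1!
Jun 21 11:08:30 fw kernel: arp: 02:00:00:11:22:33 is using my IP address 10.10.10.1 on em1!
"""

# Constructed static DHCP mappings: MAC -> (leased IP, label).
STATIC_LEASES = {"02:00:00:aa:bb:cc": ("10.10.10.6", "android-phone")}

def find_conflicts(log_text, leases, year=2016, min_hits=3, window_s=10):
    """Group ARP conflict messages by claimant and flag sustained ones."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = CONFLICT_RE.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            hits[(m["mac"].lower(), m["ip"], m["iface"])].append(ts)
    findings = []
    for (mac, ip, iface), stamps in sorted(hits.items()):
        stamps.sort()
        # Sustained: min_hits messages inside any window_s-second span.
        sustained = any(
            (stamps[i + min_hits - 1] - stamps[i]).total_seconds() <= window_s
            for i in range(len(stamps) - min_hits + 1)
        )
        lease_ip, label = leases.get(mac, (None, "unknown"))
        findings.append({
            "mac": mac, "claimed_ip": ip, "iface": iface, "count": len(stamps),
            "sustained": sustained, "device": label, "lease_ip": lease_ip,
            "ignores_lease": lease_ip is not None and lease_ip != ip,
        })
    return findings
```

Calling `find_conflicts(SAMPLE_LOG, STATIC_LEASES)` returns one finding per claiming MAC; a single stray message is reported with `sustained` set to `False`, while the once-per-second pattern described in the first post is reported as sustained.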
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.