Netgate Discussion Forum

    Isolated machine want to access internet

    Virtualization
    7 Posts 4 Posters 1.1k Views
    • blackd

      Hello. I downloaded the pack from Netgate and installed 2 virtual machines OK, isolated from the external network. I put Wireshark on the WAN link between the 2 firewalls and I captured packets. I configured them with standard IPs on LAN and WAN, without DNS. In the capture I saw that pfSense wants to reach some IP in the USA, and it is not about updates.
      Has anybody tested that? I think it is a breach of security...

      • P3R

        How should pfSense be able to check if later versions of pfSense are available (to inform the administrator of it) without connecting to a Netgate download server?

        Maybe you could check what the IP belongs to and what kind of traffic it is before crying wolf here?

        • blackd

          As I was saying, it is not about updates. I disabled updates. Do you understand what I said? Read carefully.

          • P3R

            I'm sorry that I was unable to decipher that part of your message but my questions are still valid...

            What does the IP belong to (USA is kind of big and not specific enough) and what kind of traffic is it?

            • blackd

              Your question is good, but at this moment I am not in front of the PC to give you the logs. Later today I will show the logs. But if I make a connection between 2 pfSense that are not part of the internet, configured with defaults, just IPs, why would it go to an internet IP if my updates are off and I have not configured any DNS or other option?

              • Gertjan

                It's possible to shut down most of pfSense services so it won't call out anymore.
                But what about the bogons IP lists (a cron task)?
                And the GUI that goes out no matter what, to check for a new, updated ULA?
                These are the ones that I know of right now. Others might exist.

                To shut these down, you have to change the code.

                @blackd said in Isolated machine want to access internet:

                I think it is a breach of security...

                Think again.

                No "help me" PM's please. Use the forum, the community will thank you.
                Edit: and where are the logs??

                • johnpoz LAYER 8 Global Moderator

                  So you're saying pfsense without any dns is reaching out to a specific IP? So the IP must be hard coded into pfsense to check for X?

                  I don't think so to be honest, hard coding IPs is horrible coding!

                  Let's see these logs, or the IP that it's reaching out to.. And we can prob figure out what is going on.. But I would be very surprised if the pfsense devs hardcoded an IP into anything they are running. Best would also be these sniffs you took.

                  You have no packages installed?

                  You sure it's just not the ping to the gateway of pfsense wan? That would be reaching out to an IP without dns to resolve it.. You do know that pfsense even if you turn off unbound, will try and grab dns from dhcp on its wan. And then would attempt to use that for dns..

                  Also how are you sure its not something on the lan side trying to get to X?

                  What about NTP? If pfsense at any time had dns, it would have resolved some IPs in the ntp.pool and be trying to set time with those, etc.

                  TL;DR going to need way more info to try and help you figure out what you're seeing.

                  Also, I have a few pfsense vms I could fire up and try and duplicate what you're doing/seeing..

                  An intelligent man is sometimes forced to be drunk to spend time with his fools
                  If you get confused: Listen to the Music Play
                  Please don't Chat/PM me for help, unless mod related
                  SG-4860 24.11 | Lab VMs 2.8, 24.11
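
The triage the replies above ask for (which destination each packet goes to and what kind of traffic it is), as an added example that is not part of the thread and not pfSense code. The lab subnet, the gateway address and the sample rows are constructed assumptions; the port hints are the explanations raised in the thread, not confirmed causes.

```python
import ipaddress
from collections import Counter

# Assumed lab addressing (hypothetical, not from the thread).
LAB_NET = ipaddress.ip_network("10.0.0.0/24")  # WAN link between the two firewalls
GATEWAY = ipaddress.ip_address("10.0.0.2")     # peer firewall used as WAN gateway

# Constructed sample rows: src,dst,proto,dport (dport is empty for ICMP).
SAMPLE = """\
10.0.0.1,10.0.0.2,icmp,
10.0.0.1,10.0.0.2,icmp,
10.0.0.1,203.0.113.10,udp,123
10.0.0.1,198.51.100.7,tcp,443
10.0.0.1,10.0.0.2,udp,53
10.0.0.1,198.51.100.99,tcp,8443
"""

# Well-known ports mapped to the candidate explanations raised in the thread.
PORT_HINTS = {
    ("udp", 123): "NTP time sync",
    ("udp", 53): "DNS query",
    ("tcp", 80): "HTTP fetch (update check, bogons list)",
    ("tcp", 443): "HTTPS fetch (update check, bogons list)",
}

def classify(src, dst, proto, dport):
    """Return (scope, reason) for one captured packet."""
    dst_ip = ipaddress.ip_address(dst)
    scope = "lab" if dst_ip in LAB_NET else "external"
    if proto == "icmp" and dst_ip == GATEWAY:
        return scope, "gateway monitoring ping"
    port = int(dport) if dport else None
    return scope, PORT_HINTS.get((proto, port), "unexplained")

def summarize(text):
    """Count packets per (dst, scope, reason) so each destination gets one line."""
    counts = Counter()
    for line in text.strip().splitlines():
        src, dst, proto, dport = line.split(",")
        counts[(dst, *classify(src, dst, proto, dport))] += 1
    return counts

def unexplained_external(text):
    """Destinations outside the lab that match none of the known explanations."""
    return sorted(d for (d, scope, why) in summarize(text)
                  if scope == "external" and why == "unexplained")

for (dst, scope, why), n in sorted(summarize(SAMPLE).items()):
    print(f"{dst:15} {scope:8} {why:40} x{n}")
```

On a WAN-side capture with outbound NAT enabled, LAN-originated traffic carries the firewall's WAN address as source, so the source column alone does not show whether the firewall itself sent the packet.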

                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.