Quantcast
Channel: EdgeRouter topics
Viewing all articles
Browse latest Browse all 20028

some websites not loading

$
0
0

So i have an EdgeRouter X that has been in place or a year with no issues. A few weeks ago the end users started noticing certain websites not working - it was simple stuff like iheart.com and other things unimportant to business so it just got ignored. Now they have noticed more websites aren't working - mainly google images/earth/maps and some other sites which are causing some more serious problems. 

 

I have been looking into the issue and the only thing i've seen so far is in the logs a message shows that states 

ubnt kernel: IPv4: martian source x.x.x.x from y.y.y.y, on dev eth1

 - x.x.x.x is the websites ip that isn't working, y.y.y.y is their WAN ip.  

 

The router is very basic other than a VPN that links to a remote office. That remote network has a 192.168.15.0/24 and the main is 192.168.10.0/24. There is a route set up to allow that other network to communicate back and forth. The other office has the same problems - can't access certain websites. 

 

This has worked with no problems in the past and to my knowledge as the only person who does anything on their network, nothing has changed. 

 

Is it possible these martian errors are the problem and its a configuration issue with the router? Is it a problem with the ISP and i need to contact them?


Any help appreciated. I'm pretty good with networks but this is advanced enough its beyond me. 

 

Here is the config with some IPs redacted:

 

ubnt@ubnt# show                                                                 
 firewall {                                                                     
     all-ping enable                                                            
     broadcast-ping disable                                                     
     ipv6-receive-redirects disable                                             
     ipv6-src-route disable                                                     
     ip-src-route disable                                                       
     log-martians enable                                                        
     name WAN_IN {                                                              
         default-action drop                                                    
         description "WAN to internal"                                          
         rule 10 {                                                              
             action accept                                                      
             description "Allow established/related"                            
             state {                                                            
                 established enable                                             
                 related enable                                                 
             }                                                                  
         }                                                                      
         rule 20 {                                                              
             action drop                                                        
             description "Drop invalid state"                                   
             state {                                                            
                 invalid enable                                                 
             }
         }                                                                      
     }                                                                          
     name WAN_LOCAL {                                                           
         default-action drop                                                    
         description "WAN to router"                                            
         rule 10 {                                                              
             action accept                                                      
             description "Allow established/related"                            
             state {                                                            
                 established enable                                             
                 related enable                                                 
             }
         }                                                                      
         rule 20 {                                                              
             action drop                                                        
             description "Drop invalid state"                                   
             state {                                                            
                 invalid enable                                                 
             }                                                                  
         }                                                                      
     }                                                                          
     receive-redirects disable                                                  
     send-redirects enable                                                      
     source-validation disable
     syn-cookies enable                                                         
 }                                                                              
 interfaces {                                                                   
     ethernet eth0 {                                                            
         description "ATT VPN"                                                  
         duplex auto                                                            
         speed auto                                                             
     }                                                                          
     ethernet eth1 {                                                            
         address x.x.x.x/30                                                
         description Internet                                                   
         duplex auto
         firewall {                                                             
             in {                                                               
                 name WAN_IN                                                    
             }                                                                  
             local {                                                            
                 name WAN_LOCAL                                                 
             }                                                                  
         }                                                                      
         speed auto                                                             
     }                                                                          
     ethernet eth2 {                                                            
         description Local
         duplex auto                                                            
         speed auto                                                             
     }                                                                          
     ethernet eth3 {                                                            
         description Local                                                      
         duplex auto                                                            
         speed auto                                                             
     }                                                                          
     ethernet eth4 {                                                            
         description Local                                                      
         duplex auto                                                            
         speed auto
     }                                                                          
     loopback lo {                                                              
     }                                                                          
     switch switch0 {                                                           
         address 192.168.10.1/24                                                
         description Local                                                      
         mtu 1500                                                               
         switch-port {                                                          
             interface eth0                                                     
             interface eth2                                                     
             interface eth3                                                     
             interface eth4
         }                                                                      
     }                                                                          
 }                                                                              
 protocols {                                                                    
     static {                                                                   
         interface-route 192.168.15.0/24 {                                      
             next-hop-interface switch0 {                                       
                 distance 1                                                     
             }                                                                  
         }                                                                      
     }                                                                          
 }
 service {                                                                      
     dns {                                                                      
         forwarding {                                                           
             cache-size 150                                                     
             listen-on eth0                                                     
             listen-on switch0                                                  
         }                                                                      
     }                                                                          
     gui {                                                                      
         https-port 443                                                         
     }                                                                          
     nat {
         rule 5010 {                                                            
             outbound-interface eth1                                            
             type masquerade                                                    
         }                                                                      
     }                                                                          
     ssh {                                                                      
         port 22                                                                
         protocol-version v2                                                    
     }                                                                          
 }                                                                              
 system {                                                                       
     gateway-address x.x.x.x
     host-name ubnt                                                             
     login {                                                                    
         user ubnt {                                                            
             authentication {                                                   
                 encrypted-password $6$F4H/gfsH$jDWaXeSz2gjky8wtStEVNc1b6wjJFmOv
BN9qejoIFhBsdvaFG.ePQ0gHzBjr3obVTLQyqZ98BAEbBlrGs9QmY0                          
                 plaintext-password ""                                          
             }                                                                  
             full-name ""                                                       
             level admin                                                        
         }                                                                      
     }
     name-server x.x.x.x                                                   
     name-server x.x.x.x                                                   
     ntp {                                                                      
         server 0.ubnt.pool.ntp.org {                                           
         }                                                                      
         server 1.ubnt.pool.ntp.org {                                           
         }                                                                      
         server 2.ubnt.pool.ntp.org {                                           
         }                                                                      
         server 3.ubnt.pool.ntp.org {                                           
         }                                                                      
     }
     syslog {                                                                   
         global {                                                               
             facility all {                                                     
                 level notice                                                   
             }                                                                  
             facility protocols {                                               
                 level debug                                                    
             }                                                                  
         }                                                                      
     }                                                                          
     time-zone UTC                                                              
 }

 


Viewing all articles
Browse latest Browse all 20028

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>