So i have an EdgeRouter X that has been in place or a year with no issues. A few weeks ago the end users started noticing certain websites not working - it was simple stuff like iheart.com and other things unimportant to business so it just got ignored. Now they have noticed more websites aren't working - mainly google images/earth/maps and some other sites which are causing some more serious problems.
I have been looking into the issue and the only thing i've seen so far is in the logs a message shows that states
ubnt kernel: IPv4: martian source x.x.x.x from y.y.y.y, on dev eth1
- x.x.x.x is the websites ip that isn't working, y.y.y.y is their WAN ip.
The router is very basic other than a VPN that links to a remote office. That remote network has a 192.168.15.0/24 and the main is 192.168.10.0/24. There is a route set up to allow that other network to communicate back and forth. The other office has the same problems - can't access certain websites.
This has worked with no problems in the past and to my knowledge as the only person who does anything on their network, nothing has changed.
Is it possible these martian errors are the problem and its a configuration issue with the router? Is it a problem with the ISP and i need to contact them?
Any help appreciated. I'm pretty good with networks but this is advanced enough its beyond me.
Here is the config with some IPs redacted:
ubnt@ubnt# show
firewall {
all-ping enable
broadcast-ping disable
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
name WAN_IN {
default-action drop
description "WAN to internal"
rule 10 {
action accept
description "Allow established/related"
state {
established enable
related enable
}
}
rule 20 {
action drop
description "Drop invalid state"
state {
invalid enable
}
}
}
name WAN_LOCAL {
default-action drop
description "WAN to router"
rule 10 {
action accept
description "Allow established/related"
state {
established enable
related enable
}
}
rule 20 {
action drop
description "Drop invalid state"
state {
invalid enable
}
}
}
receive-redirects disable
send-redirects enable
source-validation disable
syn-cookies enable
}
interfaces {
ethernet eth0 {
description "ATT VPN"
duplex auto
speed auto
}
ethernet eth1 {
address x.x.x.x/30
description Internet
duplex auto
firewall {
in {
name WAN_IN
}
local {
name WAN_LOCAL
}
}
speed auto
}
ethernet eth2 {
description Local
duplex auto
speed auto
}
ethernet eth3 {
description Local
duplex auto
speed auto
}
ethernet eth4 {
description Local
duplex auto
speed auto
}
loopback lo {
}
switch switch0 {
address 192.168.10.1/24
description Local
mtu 1500
switch-port {
interface eth0
interface eth2
interface eth3
interface eth4
}
}
}
protocols {
static {
interface-route 192.168.15.0/24 {
next-hop-interface switch0 {
distance 1
}
}
}
}
service {
dns {
forwarding {
cache-size 150
listen-on eth0
listen-on switch0
}
}
gui {
https-port 443
}
nat {
rule 5010 {
outbound-interface eth1
type masquerade
}
}
ssh {
port 22
protocol-version v2
}
}
system {
gateway-address x.x.x.x
host-name ubnt
login {
user ubnt {
authentication {
encrypted-password $6$F4H/gfsH$jDWaXeSz2gjky8wtStEVNc1b6wjJFmOv
BN9qejoIFhBsdvaFG.ePQ0gHzBjr3obVTLQyqZ98BAEbBlrGs9QmY0
plaintext-password ""
}
full-name ""
level admin
}
}
name-server x.x.x.x
name-server x.x.x.x
ntp {
server 0.ubnt.pool.ntp.org {
}
server 1.ubnt.pool.ntp.org {
}
server 2.ubnt.pool.ntp.org {
}
server 3.ubnt.pool.ntp.org {
}
}
syslog {
global {
facility all {
level notice
}
facility protocols {
level debug
}
}
}
time-zone UTC
}