Author Topic: Firewall blocking internal host  (Read 397 times)

johnakki

Firewall blocking internal host
« on: August 15, 2017, 09:41:18 pm »
I've just replaced an internal server - same IP, OS, and config - just a different MAC address.
The new server was able to get a DHCP lease from my Zentyal 5.0 instance and seemed to be working fine until I changed the IP of the new server to match that of the one which it was replacing (it's out of the DHCP scope). Immediately after making this change, I was no longer able to resolve DNS against Zentyal (yes, my resolv.conf is fine). I nmap'd Zentyal (ports 1-65535) from the new server and it showed absolutely nothing open. I have the firewall module enabled in Zentyal but it's all at defaults and it only has an internal-facing interface.
Other devices on the same network have continued to be able to resolve against and see open ports on Zentyal as normal.
There is no obvious UI option in Zentyal regarding blocking MACs which are spoofing IPs so, as a test, I just disabled the firewall module completely. Immediately upon doing this I can see open ports on Zentyal from my new server and resolve DNS against it.
Is this a bug or is it a feature which doesn't have a UI option to turn it on and off?