Hello,
I need assistance of the following problem:
I Lost internet connection through pppoe -out interface to my ISP. Same issue happened two months ago for a two days but with extremely slow connection. The problem solved by itself. Now router is connected to ISP but no internet access.
My configuration:
RouterBOARD
Model RB962UiGS-5HacT2HnT
Serial Number C5610BC38BBC
Firmware Type qca9550L
Factory Firmware 6.44
Current Firmware 7.14.3
Upgrade Firmware 7.14.3
Steps I did to debug:
Eliminating all other hardware like cables, switches or my ISP. The problem clearly is in router. Connecting directly to ISP without router works fine.
All local network is fine except connection to ISP.
Checked that no outside machine is connected to my dhcp server.
Upgraded to the last firmware.
Checked CPU load.
Checked free memory - 69MB free.
Logs show nothing unusual.
I Disabled my vpn service. No change.
Ping from router tools menu shows a lot of timeouts.
I tried to disable firewall/nat rules I have added with no effect.
I read documentation and forums but nothing helped me so far.
Here are my firewall rules:
/ip firewall filter
add action=accept chain=input comment=“defconf: accept established,related,untracked” connection-state=established,related,untracked
add action=drop chain=input comment=“defconf: drop invalid” connection-state=invalid
add action=accept chain=input comment=“defconf: accept ICMP” protocol=icmp
add action=drop chain=input comment=“defconf: drop all not coming from LAN. Disabled by RSP. Drops PPTP requests” disabled=yes in-interface-list=!LAN
add action=accept chain=forward comment=“defconf: accept in ipsec policy” ipsec-policy=in,ipsec
add action=accept chain=forward comment=“defconf: accept out ipsec policy” ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment=“defconf: fasttrack” connection-state=established,related hw-offload=yes
add action=accept chain=forward comment=“defconf: accept established,related, untracked” connection-state=established,related,untracked
add action=drop chain=forward comment=“defconf: drop invalid” connection-state=invalid
add action=drop chain=forward comment=“defconf: drop all from WAN not DSTNATed” connection-nat-state=!dstnat connection-state=new in-interface-list=WAN
add action=accept chain=input comment=“default configuration” protocol=icmp
add action=accept chain=input comment=“default configuration” connection-state=established
add action=accept chain=input comment=“default configuration” connection-state=related packet-mark=“”
add action=drop chain=input comment=“default configuration” in-interface=ether1-gateway
add action=accept chain=forward comment=“default configuration” connection-state=established
add action=accept chain=forward comment=“default configuration” connection-state=related
add action=drop chain=forward comment=“default configuration” connection-state=invalid
add action=accept chain=forward comment=“port forwarding try” disabled=yes dst-port=80 protocol=tcp
add action=drop chain=input comment=“defconf: drop all not coming from LAN. Drop DNS request causing high CPU Load and slow connection” disabled=yes in-interface-list=!LAN
add action=drop chain=input comment=“try block dns attack” dst-port=53 in-interface=pppoe-out1 protocol=udp
add action=drop chain=input comment=“try block dns attack” dst-port=53 in-interface=pppoe-out1 protocol=tcp
Thank you for your help.
Regards