How do I show that my employer blocked my internet access?


Things are not going well at the office and I believe that the network admin blocked the internet access for my particular machine. I would like to be able to prove it.

We share a (V)LAN through a small switch with my team. I’m able to ping anything and to resolve DNS names but can’t connect to any website, IMAP server or anything. When I connect to my smartphone’s internet connection sharing everything is ok. I also tried to connect to another VLAN and it worked as well. So I believe that my computer was blocked at firewall level, probably based on my Mac address. The network manager says that it is “because I use a Mac” :face_with_symbols_over_mouth:

Now I would like to be able to prove (if my assumption is right) that the packets are blocked at the firewall level. Any idea how I could do that ?


Salut @pagaille

Some ideas…

  1. Certain Firewalls, like Sonicwall, have this built-in. If you’re running the SonicWall Anti-Virus, then you can pass the firewall. The AV is a packaged McAfee agent.

  2. Can you connect to / use any VPN? (OpenVPN based).

  3. Run a Windows on your Mac (Maybe in full screen mode) and see if it works, if not, demand the admin get’s it working. If a VM Windows can access the Net, your Mac “should” be able to do so also. (Unless it’s something like the SonicWall mentionned above.).

  4. A Mac makes it fairly easy to circumvent the network, eg by creating another vLAN adapter…
    You can allocate a different Mac…

  5. A Traceroute will only allow access up to the firewall. (Also a “proof”…)

Mes deux centimes


Simply ask you Network Admin, the problem and the reason. It could be a small technical problem. Don’t do anything from your side, if your employer don’t want you to have an internet access.

For the proof you can copy the network configuration (ifconfig > ip.txt)
ping any local device – Which which will prove the local connectivity
ping website – ping
ping google dns – ping
check port 53 – cat < /dev/null > /dev/tcp/; echo $? – the output should be 0
nslookup – nslookup

Copy all the output in a txt file.

My 1.5 cent.

1 Like


Hi Tejas

Pagaille lives / works in France, as I recall.
In Switzerland, Germany - and AFAIK also in France: If your working contract does not forbid Internet usage (very rare!), the company is not allowed to forbid Internet…

That’s why I think it’s more a “mandate” to use the security components - like I explained in 1) with the Sonicwall.

My 2 cents


Thanks for all your clever suggestions (especially creating a VLAN adapter, didn’t think about that) ! I thought I could also use a spare USB LAN adapter.

You know what ? I bet that Monday everything will work again :wink: I believe that the network admin sabotaged my connection on purpose, but he didn’t know that I could so easily point out the reason why.

Have a good day !

1 Like

In the great old game of chess, it’s always a good thing if your opponent thinks you’re a move ahead of him - without realizing you’re actually ten moves ahead!

Of course, without cheating, or thinking about some “chess” player/cheater whose name sounds like “nobody” in german… :slight_smile:

My 2 cents

1 Like

I was curious and went back at the office to investigate.

Guess what : it works. And strangely enough my DHCP assigned Ip address changed as well.

If I manually set it to the one I received yesterday (a very specific one : I received .109 today) , I can reproduce what I saw yesterday.

Sabotage ? Not sabotage ? Who knows. Let’s get out of this mess as fast as possible :slightly_frowning_face:



Probably your Network Admin realized you were a couple of moves ahead…
DHCP doesn’t change by itself, not in a corporate environment…

A gentleman sits back and enjoys the show!


My 2 cents

Indeed. The lease time is set to 28800, 20 days I guess.

Let’s enjoy the show :confused:

1 Like

Most DHCP servers, including Microsoft and NethServer, will give the same IP to an existing DHCP Client / MAC address when a lease expires, even without any DHCP reservations… So something has been changed by someone…