Cannot access internet from LAN

[overopn]

Hi, this is a new setup running on a VM (Xenserver) with 2 NICs.

I have setup one for WAN, one for LAN. From my LAN, I'm unable to access internet (ping 8.8.8.8 fails).

I have same setup running a fresh install of pfsense, have similar problem. I needed to add a firewall LAN rule to LAN net to access to get it working on pfsense.

pfsensefirewall.jpg

I see OPNSense have setup that rule automatically (nice), but the firewall logs shows it passes (e.g. 10.0.0X)

opnsense1.jpg
opnsense2.jpg
opnsense3.jpg

[kanstin]

It looks like your XEN is behind another firewall? If so, in Interfaces/WAN make sure "Block private networks" isn't enabled.

[overopn]

It's behind another router. Nope "Block private network" is unchecked.

The same setup works with pfsense VM fine, and both are fresh setup.  I configured the same way as pfsense.

[overopn]

I need to manully add NAT outbound rule to any to get it to work. The auto generated rule does not allow it.

[mgvanosd]

I am new to Opnsense(PFSENSE user for many years) and am running OPNsense-18.1.6-OpenSSL-vga-amd64.img.bz2. From what I can tell all is setup correctly but my lan is not able to access the Internet. Following is what I have done:
1) From the Interface diags I can ping an address on the Internet.
2) From my lan workstation I can resolve a DNS name but I cannot ping, nor bring up a webpage.
3) Ran a packet capture on the Lan and see the attempt. Ran a capture on the WAN, filtering on the Internet destination address, and I see no packets.

I'm thinking this means my private addresses are not being natted? How else can I isolate why this is happening?

Thank you.