23.1 Legacy Series / Intersite routing issue - driving me mad!
« on: March 02, 2023, 10:58:22 pm »
Hey folks
I have just replaced a router at a site that I believed to be configured okay, and it turns out it isn't working as intended. I've attached the diagram of the network and connections.
The OPN router has a WAN and 1Gb Dark Fibre to another site, so copying the previous config (which worked fine!) I have set the WAN to default GW and weighted it. IGB2 is Intersite and has 10.1.50.2 with a Gateway of 10.1.50.1 which is a pfSense at HQ. There are no issues getting from the site to the public internet via the WAN.
Here is where it gets weird. I've added the static routes for the other sites and allowed IPv4 any/any across the Intersite. I can ping everything at HQ and HQ can ping everything at the London/OPNSense site, it looks okay. Remote Desktop works, as do file shares. However, UDP from the Phone System SIP trunk hosted at HQ is filtered out for calls; we can hear the other person, but they cannot hear us. It is like the outbound is filtered out, but the inbound works. This is backed up with the fact that I cannot ping anything in the USA sites from OPNSense, but the USA sites CAN ping and see things at the London/OPNSense site.
Any ideas? I've been at this since 4am this morning, it's now almost 10pm at night. It has to be something to do with firewall rules. I know it's not the other routers as the Draytek that was removed worked fine.
I have bought a DEC3840 so I will contact Sales for support in this matter if you guys cannot shed any light on where I am going wrong.