Text only | Text with Images

OPNsense Forum

English Forums => General Discussion => Topic started by: Arma@gg3dd0n on March 24, 2020, 10:06:02 PM

Title: [Solved]No internet on LAN
Post by: Arma@gg3dd0n on March 24, 2020, 10:06:02 PM
Hello,
i've installed opnsense on a virtual machine so i have configured a WAN with following ip 192.168.2.52 (static or dhcp is same, fritzbox 7490 is dhcp server);
then i put LAN in 192.168.1.1; i can ping from wan and lan with tool inside opnsense but there is no internet from pc and so there is no way to exit from LAN; Ethernet Icon in taskbar (windows) says no internet.
I have tried several options that i found around in the forum with no luck and when i save whatever parameters in gui, it takes too long to reload page.

Please, can you help me?
Title: Re: No internet on LAN
Post by: banym on March 25, 2020, 08:26:33 AM
Check your DNS Settings. If that does not help, post your configuration, rules and everything that can help us to understand your environment.
Title: Re: No internet on LAN
Post by: bartjsmit on March 25, 2020, 08:37:35 AM
Check that you have correctly entered a static route for your LAN on the Fritzbox: https://en.avm.de/service/fritzbox/fritzbox-7490/knowledge-base/publication/show/581_Configuring-a-static-IP-route-in-the-FRITZ-Box/

Bart...
Title: Re: No internet on LAN
Post by: Arma@gg3dd0n on March 25, 2020, 05:26:20 PM
Quote from: banym on March 25, 2020, 08:26:33 AM
Check your DNS Settings. If that does not help, post your configuration, rules and everything that can help us to understand your environment.
Thank you for reply :)
I don't know what i have to modify; in the configuration wizard i have setted google dns, but it already  was setted in the fritzbox.
So i have included some  screenshot of my configuration with the link at bottom

Quote from: bartjsmit on March 25, 2020, 08:37:35 AM
Check that you have correctly entered a static route for your LAN on the Fritzbox: https://en.avm.de/service/fritzbox/fritzbox-7490/knowledge-base/publication/show/581_Configuring-a-static-IP-route-in-the-FRITZ-Box/

Bart...
Thank you for reply :)

I have created a a route in the fritzbox, you can see it in screeshot but when i try to create one in opn as you can see, gui becomes unavailable and i need to reset by connecting with the console.


Thank you for support

https://imgur.com/a/OCVF6sV
Title: Re: No internet on LAN
Post by: johnsmi on March 25, 2020, 06:03:52 PM
1.
The route ffritzbox->opnsense-LAN is only needed if you want to access the opnsense-LAN from fritzbox-Net.

2.
The route is wrong, gateway should be 192.168.2.52 (OPNsense-WAN-IP)

3.
Don't add any routes in OPNsense, those are added automatially.

4.
Can you ping 192.168.2.1 from LAN-Interface in OPNsense?

5.
Are there any restrictions on the fritzbox? child-protection, online-limit, ...
Title: Re: No internet on LAN
Post by: Arma@gg3dd0n on March 25, 2020, 06:37:29 PM
Quote from: johnsmi on March 25, 2020, 06:03:52 PM
1.
The route ffritzbox->opnsense-LAN is only needed if you want to access the opnsense-LAN from fritzbox-Net.

2.
The route is wrong, gateway should be 192.168.2.52 (OPNsense-WAN-IP)

3.
Don't add any routes in OPNsense, those are added automatially.

4.
Can you ping 192.168.2.1 from LAN-Interface in OPNsense?

5.
Are there any restrictions on the fritzbox? child-protection, online-limit, ...

Thank you for reply :)

so i will follow your number to give answer:

1)I dont need to access in the opnsense lan from fritz lan. so do i have to remove route on fritz?
2)In the meanwhile for above, i have changed gateway as you say.
3)Ok
4)Yes i can ping 192.168.2.1 from LAN.
5)Oh my god.... during this answer i realized (i didnt mind) that all traffic from external was addressed on domotic device (i dont have a static and public IP from ISP so i cannot make great difference for inbonud traffic)....oh my god..... i removed it and i exposed IP of opnsense (i think it is DMZ but fritz says exposed) internet was returned.... i dont believe...
but now i have another problem, it works only with static IP because with DHCP it didn't take right Primary dns (i have set 192.168.2.1) any tips?
oohh THANK YOU!!!!!!
Title: Re: No internet on LAN
Post by: johnsmi on March 25, 2020, 07:14:58 PM
1) You don't have to, however you can remove the route if you don't need it.
5) I'm not sure if i understand.

With BIND and/or unbound you can set DNS Query Forwarding.
https://wiki.opnsense.org/manual/how-tos/bind.html#advanced
You can put 192.168.2.1@53 there.

When adding the IPs of your ISP-DNS-Servers, these mightwill change sometime and break thinks. Be aware of it. Should be fine until then.



6.
If IPv6 doesn't work: there is a 'feature' in the recent FritzOS. All devices connected to the fritzbox need to be set to standard-profile, without any restrictions.
Title: Re: No internet on LAN
Post by: Arma@gg3dd0n on March 25, 2020, 09:02:57 PM
Quote from: johnsmi on March 25, 2020, 07:14:58 PM
1) You don't have to, however you can remove the route if you don't need it.
5) I'm not sure if i understand.

With BIND and/or unbound you can set DNS Query Forwarding.
https://wiki.opnsense.org/manual/how-tos/bind.html#advanced
You can put 192.168.2.1@53 there.

When adding the IPs of your ISP-DNS-Servers, these mightwill change sometime and break thinks. Be aware of it. Should be fine until then.



6.
If IPv6 doesn't work: there is a 'feature' in the recent FritzOS. All devices connected to the fritzbox need to be set to standard-profile, without any restrictions.

1)ok
2)If i left dhcp in windows i cannot access to internet, there is need to specify primary dns manually
i have added in custom "forward-addr: 192.168.2.1@53" but nothing change; So i have seen that in unbound DNS play button is available to press, but after click it didn't became green; is this a problem?

6) i see, thank you
Title: Re: No internet on LAN
Post by: johnsmi on March 25, 2020, 09:48:33 PM
I'm still not sure which DNS/DHCP you're talking about.

DNS-Forwarder
@ Services: Unbound DNS: General
Quote
forward-zone:
name: "."
forward-addr: IP@53





DNS-server for OPNsense/its DHCP:
@ System: Settings: General
DNS servers
... 192.168.2.1
[ x ] Allow DNS server list to be overridden by DHCP/PPP on WAN

DNS-Server set at OPNsense-DHCP:
@ Services: DHCPv4: [LAN]
... 192.168.2.1 can be used for testing,
"Leave blank to use the system default DNS servers: This interface IP address if a DNS service is enabled or the configured global DNS servers."


Above ones "should" set the correct DNS-server at the clients.


@unbound the play-button needs to have green background, otherwise its switched off.
Title: Re: No internet on LAN
Post by: Arma@gg3dd0n on March 26, 2020, 11:41:53 AM
Quote from: johnsmi on March 25, 2020, 09:48:33 PM
I'm still not sure which DNS/DHCP you're talking about.

DNS-Forwarder
@ Services: Unbound DNS: General
Quote
forward-zone:
name: "."
forward-addr: IP@53






DNS-server for OPNsense/its DHCP:
@ System: Settings: General
DNS servers
... 192.168.2.1
[ x ] Allow DNS server list to be overridden by DHCP/PPP on WAN

DNS-Server set at OPNsense-DHCP:
@ Services: DHCPv4: [LAN]
... 192.168.2.1 can be used for testing,
"Leave blank to use the system default DNS servers: This interface IP address if a DNS service is enabled or the configured global DNS servers."


Above ones "should" set the correct DNS-server at the clients.


@unbound the play-button needs to have green background, otherwise its switched off.

johnsmi you helped me a lot, I am grateful to you!!
I solved my problems; I've learned a lot of things!!
Thank you again!
Text only | Text with Images