Text only | Text with Images

OPNsense Forum

Archive => 20.1 Legacy Series => Topic started by: StP on April 14, 2020, 08:19:37 PM

Title: [Modified] No traffic from secondary local network to WAN
Post by: StP on April 14, 2020, 08:19:37 PM
After the update to 20.1.4 I seeing some NAT problems.
This is on a Deciso DEC2630 or DEC2640 device.
I have two internal -  physically seperated - networks. LAN on igb0 (172.16.30.1/16) and a new one called BBB on igb2 (172.31.30.1).
WAN is on igb1 with a fixed IP.
I have some NAT rules to 172.16.x.x which are all LAN clients. These still work.
And I have some rules to 172.31.0.2 which is a server in the BBB network. These do not work anymore after the update. The server itself is listening to all ports, I checked that from behind the firewall. Coming in over WAN I only get connection timeouts (10060).
I double ( and triple) checked my rules. They look good and unchanged.

Any changes in the last update that could cause this trouble?

Is there an easy way back to 20.1.3 to do some cross checks?

Regards, stay safe
Stefan
Title: [Modified] No traffic from secondary local network to WAN
Post by: StP on April 16, 2020, 04:18:22 PM
Well what I found by adding a test machine into the BBB network is this:
The root of the problem is not inbound NAT.
It is a routing problem from BBB to WAN. No packets going that way.
The BBB related entries in System/Routes/Status look fine (Similar to the LAN entries).
I have a firewall rule in place for the BBB network that allows anything.

I have not done anything special regarding gateway configuration.
IPV4 Upstream Gateway is set to Auto-Detect.

Call me stupid, maybe I am.
But this did work before in 20.1.3.

Where should I look?

Stefan

Title: Re: Update 20.1.3 to 20.1.4: NAT problems
Post by: mfedv on April 16, 2020, 10:28:30 PM
Quote from: StP on April 16, 2020, 04:18:22 PM
I have not done anything special regarding gateway configuration.
IPV4 Upstream Gateway is set to Auto-Detect.

not sure what auto-detect does, but can you try setting the gateway address instead?

in https://forum.opnsense.org/index.php?topic=13456.0 there was a similar problem, and setting the gateway address seems to have solved it.
Title: [Modified] No traffic from secondary local network to WAN
Post by: StP on April 17, 2020, 08:46:43 AM
Quotenot sure what auto-detect does, but can you try setting the gateway address instead?

in https://forum.opnsense.org/index.php?topic=13456.0 there was a similar problem, and setting the gateway address seems to have solved it.
The problem in the topic you mention seems a bit different from mine.

Well, according to the help available (Info button) I should not change this value for non-WAN interfaces.
Thanks anyways
Title: Re: [Modified] No traffic from secondary local network to WAN
Post by: Darkopnsense on April 18, 2020, 05:45:17 AM
Hi @StP,

System => Settings => General-> Network
Check: prefer IPv4 to IPv6

Regards,
Title: Re: [Modified] No traffic from secondary local network to WAN
Post by: StP on April 18, 2020, 10:30:09 AM
This setting is switched on.
So IPv4 is preferred.
Text only | Text with Images