Hi,
I have 2 OPNsense boxes:
Lan1->opnsense1->
                  wan router
Lan2->opnsense2->
opnsense1 has a static route for lan2, destination opnsense2
opnsense2 has a static route for lan1, destination opnsense1
Hybrid outbound NAT rule generation
In opnsense1 I have a nonat to lan2
In opnsense2 I have a nonat to lan1
Firewall rule in opnsense2: permit IP from lan1
Gateway monitoring is disabled.
Block private networks on WAN: disabled
Now, communication from lan1 to lan2 and from lan2 to lan1 works correctly, but after 30 seconds it stops.
It is not asymmetric, but I have tried "Bypass Firewall Rules for Traffic on Same Interface" with no success.
I think it is a state problem, but how do I resolve it?
When I connect from Lan1 to Lan2 (ssh from 172.30.0.164 to 172.30.2.10),
in opnsense1 I have
all   tcp   172.30.0.164:59216 -> 172.30.2.10:22   SYN_SENT:CLOSED
all   tcp   172.30.2.10:22 <- 172.30.0.164:59216   CLOSED:SYN_SENT
In opnsense2 I have
all   tcp   172.30.0.164:59216 -> 172.30.2.10:22   ESTABLISHED:ESTABLISHED
all   tcp   172.30.2.10:22 <- 172.30.0.164:59216   ESTABLISHED:ESTABLISHED
I have tried to use policy routing instead of static routing, with the same problem.
My opnsense2 intercepts the SYN sent, but the SYN reply is not intercepted (but it is present and routed correctly).
Any ideas?
Thanks
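An added example, not part of the original post: a small Python script that compares the two state listings quoted above and reports flows that one firewall tracks as fully established while the other recorded only the opening SYN. The function names are hypothetical, the input is assumed to be in the same column layout as the pasted listings, and the sample data is copied from the post.

```python
import re

# One state line as pasted in the post:
#   iface proto LEFT (-> | <-) RIGHT  LEFTSTATE:RIGHTSTATE
STATE_RE = re.compile(
    r"^\s*\S+\s+tcp\s+(?P<left>\S+)\s+(?P<dir>->|<-)\s+(?P<right>\S+)\s+"
    r"(?P<lstate>[A-Z_0-9]+):(?P<rstate>[A-Z_0-9]+)\s*$"
)

def parse_states(text):
    """Return {(initiator, responder): [{endpoint: state}, ...]} per TCP flow."""
    flows = {}
    for line in text.splitlines():
        m = STATE_RE.match(line)
        if not m:
            continue  # skip headers, blank lines, non-TCP entries
        left, right = m["left"], m["right"]
        # "A -> B" and "B <- A" both describe a flow opened by A.
        key = (left, right) if m["dir"] == "->" else (right, left)
        flows.setdefault(key, []).append({left: m["lstate"], right: m["rstate"]})
    return flows

def one_sided(flows):
    """Flows with any state entry that is not ESTABLISHED for both peers."""
    return {k for k, entries in flows.items()
            if any(set(e.values()) != {"ESTABLISHED"} for e in entries)}

def compare(fw_a_text, fw_b_text):
    """Flows established on one firewall but half-open on the other."""
    a, b = parse_states(fw_a_text), parse_states(fw_b_text)
    bad_a, bad_b = one_sided(a), one_sided(b)
    return sorted((bad_a & (b.keys() - bad_b)) | (bad_b & (a.keys() - bad_a)))

# Sample input: the state lines quoted in the post above.
OPNSENSE1 = """\
all   tcp   172.30.0.164:59216 -> 172.30.2.10:22   SYN_SENT:CLOSED
all   tcp   172.30.2.10:22 <- 172.30.0.164:59216   CLOSED:SYN_SENT
"""
OPNSENSE2 = """\
all   tcp   172.30.0.164:59216 -> 172.30.2.10:22   ESTABLISHED:ESTABLISHED
all   tcp   172.30.2.10:22 <- 172.30.0.164:59216   ESTABLISHED:ESTABLISHED
"""

if __name__ == "__main__":
    for initiator, responder in compare(OPNSENSE1, OPNSENSE2):
        print(f"state mismatch between firewalls: {initiator} -> {responder}")
```
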
			
			
			
It is a problem in my router,
I need to remove same interface routing
			
			
			
So I'm having the same problem between LANs on the SAME firewall.
I have only one OPNsense box.
My SSH sessions to my server on LAN 2 kept freezing up after about 30 seconds. At first, I thought my server was lagging, but problems went away the moment I was on the same LAN.
The only thing standing between LAN1 and LAN2 is this OPNsense box.
That being the case, OPNsense must be killing the Intra-LAN traffic after about 30 seconds.
			
			
			
Did you ever find a solution? I have the same problem with a static route, and RDP sessions time out after 30 seconds.
			
			
			
Probably if you enable the option to bypass firewall rules on same interface under settings somewhere it will fix this.
			
			
			
Yes that did the trick, thanks!