Hi,
i have a routing problem with my Opnsense 20.7.5.
My Opnsense has two interfaces
- em0 (LAN)
- igb0 (WAN, connected to a Vodafone Cable Router)
The LAN-Interface has two IP-Addresses, 192.168.5.144/24 and as virtual IP 192.168.10.144/24
So I can now access from my Opnsense network devices in both networks. Every thing is fine :-)
But when I try to make a connection from a device with an address of the 192.168.5.0/24 network to an address of the 192.168.10.0/24 network, I've got "Destination Net Unreachable"
A look to the interfaces with tcpdump shows me, the network packets are routed to the gateway via the WAN interface.
But why?
here is my routing table, I think it looks good.
ipv4 default 192.168.0.1 UGS 20064533 1500 igb0 UnityMedia
ipv4 127.0.0.1 link#4 UH 1847603 16384 lo0 Loopback
ipv4 192.168.0.0/24 link#2 U 20070144 1500 igb0 UnityMedia
ipv4 192.168.0.100 link#2 UHS 784634 16384 lo0 Loopback
ipv4 192.168.5.0/24 link#1 U 309115708 1500 em0 LAN
ipv4 192.168.5.144 link#1 UHS 2963429 16384 lo0 Loopback
ipv4 192.168.10.0/24 link#1 U 38871 1500 em0 LAN
ipv4 192.168.10.144 link#1 UHS 8 16384 lo0 Loopback
I think, the device with the network-address of the 192.168.5.0/25 network has to get an ICMP-Redirect, because the destination network 192.168.10.0/24 is on the same link. But where can I set this ?
Any idea, or am I completely wrong?
Greeting Detlev.
Hi,
for testing purposes I've disabled my default gateway. Then, everything in my local networks is fine,
the device with an address in the 192.168.5.0/24 network can reach a device in the 192.168.10.0/24 network on the same interface.
But of course, the internet can't be reached.
So I switched back, to reach the internet again.
But why are the packets to the 192.168.10.0/24 routed to the default gateway?
Regards Detlev.
By the way, I've updated Opnsense to OPNsense 20.7.7_1-amd64
hi,
the problem is solved.
The best hint I've got was from this thread
https://forum.opnsense.org/index.php?topic=11393.0;prev_next=prev#new. by christian.uhlmann.
He discribed the same problem as mine, expect that he has two interfaces in his configuration and not one interface with two addresses.
In former times, I used my opnsense in a multi wan environment. Now, I have only one internet-access-point. So I removed the multi wan Konfiguration from my system.
But the problem was still the same. So I set the opnsene into factory default setting and load my old configuration into the opnsense.
The same problem.
Than I set the opnsense again to factory default and configured the internet connection from the scratch.
It works!
Afterwards I have loaded some single configurations from my backup file into the system (DNS / DHCP / etc )
Conclusion:
No special firewall rules and no special nating is necessary.
But I seems that there are some problem with the removed multi-wan settings , which was not shown in the admin Guy, but saved in the configuration.
Detlev.