Hello,
What am I missing here? I'm using shuttle ds77u as Opnsense box and Unifi Dream machine + USW Mini switch.
Topology: VDSL-modem in bridged mode -> Opnsense -> UDM -> Unifi USW Flex mini -> desktop
Networks on Opnsense and UDM
- LAN 192.168.3.0/24
- WAN
- VLAN10 10.10.10.0/24
IP addresses
- VDSL-bridge 192.168.1.1
- Shuttle/Opnsense box IP 192.168.3.1 (set by opnsense LAN settings)
- UDM IP 192.168.3.2 (set by UDM in its LAN settings)
- USW flex mini IP 192.168.3.10 (given by ?? maybe UDM DHCP since when I set it to static lease on opnsense it says offline)
UDM doesn't show up at all in DHCP leases on Opnsense, USW flex mini does on the LAN interface.
- When I connect my desktop to USW flex mini "all/trunk" port meaning network 192.168.3.0/24 I can access 192.168.3.1 and UDM controller on 192.168.3.2 just fine but I don't have any internet connectivity.
- When I connect my desktop to USW flex mini port configured as "vlan10" meaning network 10.10.10.0/24 I can access 192.168.3.1 but not 192.168.3.2 but I have internet connection.
Questions:
A) Why can't I access 192.168.3.2 from the 10.10.10.0/24 VLAN network?
B) Why don't I have internet access on 192.168.3.0/24 LAN network?
C) Why doesn't Opnsense give IP to UDM?
> Shuttle/Opnsense box IP 192.168.3.1 (set by opnsense LAN settings)
> UDM IP 192.168.3.2 (set by UDM in its LAN settings)
That will not work, at least not in this setup:
> Opnsense -> UDM ->
You need to plug in the UDM WAN interface into the OPNsense LAN. And change either the OPNsense LAN network to a different /24, or re-IP your LAN network to something different. You cannot use the same network for LAN & WAN.
Not quite what I was looking for, for that does double NAT.
Hello,
I switched unifi LAN to 192.168.2.1 and Opnsense box to 192.168.6.1. Now I have Double-NAT situation which I don't want.
Tracing route to google.com [172.217.21.142]
over a maximum of 30 hops:
1 <1 ms <1 ms <1 ms unifi.localdomain [192.168.2.1]
2 <1 ms <1 ms <1 ms 192.168.6.1
3 12 ms 12 ms 11 ms dsl-nnnnn []
Is this because I have now connected Opnsense box to WAN port of UDM? Should I just switch to LAN port then so Opnsense could do firewall stuff?
Hello,
My idea is to use UDM as a managed switch/unifi controller/wireless access point and firewall/dhcp and everything else would be managed on Shuttle Opnsense. Is this even possible or do I need "plain" unifi managed switch + unifi network controller on a raspberry pi etc.
It kind of expects to be the router, so you could plug it into LAN (with its LAN interfaces) and if your OPNsense box had a spare NIC, you could give that a new IP network and plug UDM WAN in there, for the UDM to "think" it has WAN, too.
If you have a managed switch, you can also do this with VLANs.
For a more clean way, maybe get a UniFi switch / nanoHD/FlexHD (or a new U6 LR / Lite) and install the controller locally or get a CloudKey G2.
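
Added example, not part of any post in this thread: a small Python check that runs the three layouts discussed above (same /24 on both sides of the UDM, the re-addressed double-NAT layout, and the UDM used only as switch/AP) through an overlap and NAT-layer audit. The `Router` model, the `203.0.113.0/24` ISP-side range, the assumption that the UDM WAN port sits on the OPNsense LAN, and the assumption that every router in the path NATs are all illustrative.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Router:
    name: str
    wan: str    # CIDR of the network the WAN port is attached to
    lans: list  # CIDRs served on the LAN side
    nat: bool = True  # assumption: each router masquerades LAN traffic by default

def audit(chain):
    """Audit routers ordered from the client outward to the internet.

    Returns (findings, nat_layers).
    """
    findings = []
    # A router cannot route between WAN and LAN if both are the same network.
    for r in chain:
        wan = ipaddress.ip_network(r.wan)
        for lan in map(ipaddress.ip_network, r.lans):
            if wan.overlaps(lan):
                findings.append(f"{r.name}: WAN {wan} overlaps LAN {lan}")
    # Each inner router's WAN must live inside a LAN of the next router out.
    for inner, outer in zip(chain, chain[1:]):
        wan = ipaddress.ip_network(inner.wan)
        if not any(wan.subnet_of(ipaddress.ip_network(l)) for l in outer.lans):
            findings.append(f"{inner.name}: WAN {wan} is not a LAN of {outer.name}")
    nat_layers = sum(1 for r in chain if r.nat)
    if nat_layers > 1:
        findings.append(f"{nat_layers} NAT layers in the path")
    return findings, nat_layers

# Constructed WAN range (RFC 5737 documentation block) standing in for the ISP side.
OPNSENSE_V1 = Router("OPNsense", "203.0.113.0/24", ["192.168.3.0/24", "10.10.10.0/24"])
OPNSENSE_V2 = Router("OPNsense", "203.0.113.0/24", ["192.168.6.0/24"])

# Assumed cabling: UDM WAN port plugged into the OPNsense LAN.
ORIGINAL = [Router("UDM", "192.168.3.0/24", ["192.168.3.0/24"]), OPNSENSE_V1]
RE_ADDRESSED = [Router("UDM", "192.168.6.0/24", ["192.168.2.0/24"]), OPNSENSE_V2]
SWITCH_ONLY = [OPNSENSE_V1]  # UDM LAN ports on OPNsense LAN: UDM is out of the routed path

if __name__ == "__main__":
    for label, chain in [("original", ORIGINAL), ("re-addressed", RE_ADDRESSED),
                         ("UDM as switch/AP", SWITCH_ONLY)]:
        print(label, audit(chain))
```
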