OPNsense Forum

Archive => 21.1 Legacy Series => Topic started by: dpshak on March 03, 2021, 03:56:46 PM

Title: SOLVED! WHAT am I missing?!? (Adding a subnet)
Post by: dpshak on March 03, 2021, 03:56:46 PM
I have 21.1.2-amd64 in the ProtectLi minicomputer.

For about 1 year now I've been running OPNsense, with a single LAN, connected to my ISP (Comcast).  It worked just fine.  However, my homebuilt security system is NOT working how I anticipated (or wanted) so I decided to replace my homebuilt system with commercial, cloud-based hardware.  To accommodate the new hardware, I wanted to add a new LAN (subnet?) to my OPNsense router.

My goal was to isolate these new IoT devices (on the new LAN) from the hard-wired and WiFi desktops, laptops, and cell phones on my 'home' network.  To that end: I added em2, gave em2 a static address, and enabled em2.  After a LOT of fiddling around, I have managed to get hardware on em2 to communicate within the em2 LAN, but I have NO internet connectivity!

WHAT AM I MISSING?!? 
I checked all of the 'pre-configured' firewall rules for my WAN/Home networks, tried to copy/paste seemingly appropriate rules to my IoT network, but none of them worked!  I also tried adding rules from FAQs, that I found on the interwebz, for both pfSense and OPNsense, but none of THEM worked either...

Help?!?

Title: Re: WHAT am I missing?!? (Adding a subnet)
Post by: chemlud on March 03, 2021, 04:04:23 PM
You have to add allow rules to the firewall tab of your new interface. And have a look if outbound NAT added your new subnet.

Title: Re: WHAT am I missing?!? (Adding a subnet)
Post by: sorano on March 03, 2021, 04:08:07 PM
Yeah, probably missing outbound NAT rules for the new subnet, like chemlud said.

Title: Re: SOLVED! WHAT am I missing?!? (Adding a subnet)
Post by: dpshak on March 04, 2021, 10:28:55 AM
First of all, thanks for the responses!   :)

As to the cause of my troubles?
An FSCK'd patch cable!  :-[ :o >:(

I've been fighting with this thing for a week now!  >:( 
The IoT subnet port is connected to an 8 port unmanaged switch.  I put the switch in-line for any hardwired IoT devices I may acquire AND I'm using an old WRT54-G (running DD-WRT), that will be placed on the main floor of the house, to provide WiFi for my security devices.  The WRT54-G was used in my old security system (LOCAL access only) so I had to reset it for use with the new subnet.  That was a (relatively) easy fix.  Finally, after reading your responses, and trying everything I could think of, and failing...I plugged the laptop (wired connection, that I used to reset the WRT54-G) directly into the IoT subnet port and voilà!  Everything works as it should.

A few months ago, in preparation for this change, and to clean up my networking rats' nest, I bought a 10-pack of 3' CAT6 patch cables from Amazon.  This is the SECOND one that's been bad! >:(

Thanks again, folks! :)