OPNsense Forum

Hi all,

I am building a small network so I've just setup an opnsense firewall - so far so good I like it very much and it works just fine.

But one thing is a bit strange - at the moment I use the dhcp server distributed with opnsense (later I will replace it in some time but for now it has to do the job), Internet connection works and the clients receive the right IPs. But the DHCP server distributes 2 default gateways one of them is the internal ip (private network) of the firewalls LAN interface which is the right one and the second is the external IP of my WANs interface in ISP network. I already tried to fix that in typing in the LAN interface ip as Gateway in the DHCP settings but the DHCP keeps distributing 2 default gateways. Did I miss something? What did I wrong?

Best regards

PS: Latest version of OPNsense is installed.

I doubt a bit that the router sends 2 addresses. Can you check that with a tool?
Like:

root@host:/user # ./dhcptest
dhcptest v0.5 - Created by Vladimir Panteleev
https://github.com/CyberShadow/dhcptest
Run with --help for a list of command-line options.

Listening for DHCP replies on port 68.
Type "d" to broadcast a DHCP discover packet, or "help" for details.
d
Sending packet:
  op=BOOTREQUEST chaddr=89:D0:26:C6:5E:E8 hops=0 xid=B5943FF3 secs=0 flags=8000
  ciaddr=0.0.0.0 yiaddr=0.0.0.0 siaddr=0.0.0.0 giaddr=0.0.0.0 sname= file=
  1 options:
     53 (DHCP Message Type): discover
Received packet from 192.168.0.1:67:
  op=BOOTREPLY chaddr=89:D0:26:C6:5E:E8 hops=0 xid=B5943FF3 secs=0 flags=8000
  ciaddr=0.0.0.0 yiaddr=192.168.0.132 siaddr=192.168.0.69 giaddr=0.0.0.0 sname= file=openwrt-ar71xx-mikrotik-vmlinux-initramfs.elf
  9 options:
     53 (DHCP Message Type): offer
     54 (Server Identifier): 192.168.0.1
     51 (IP Address Lease Time): 7200 (2 hours)
      1 (Subnet Mask): 255.255.255.0
      3 (Router Option): 192.168.0.1
      6 (Domain Name Server Option): 192.168.0.1, 8.8.8.8
     66 (TFTP server name): 192.168.0.69
    119 (Unknown): 08 7A 65 69 74 6B 69 6E 64 02 64 65 00
     15 (Domain Name): mydomain.de


If you have a Mac:

Mac:~ user$ ipconfig getpacket en0
op = BOOTREPLY
htype = 1
flags = 0
hlen = 6
hops = 0
xid = 0x6e5f2a43
secs = 0
ciaddr = 192.168.0.101
yiaddr = 192.168.0.101
siaddr = 192.168.0.69
giaddr = 0.0.0.0
chaddr = 34:15:9e:3d:83:56
sname =
file = openwrt-ar71xx-mikrotik-vmlinux-initramfs.elf
options:
Options count is 9
dhcp_message_type (uint8): ACK 0x5
server_identifier (ip): 192.168.0.1
lease_time (uint32): 0x15180
subnet_mask (ip): 255.255.255.0
router (ip_mult): {192.168.0.1}
domain_name_server (ip_mult): {192.168.0.1, 8.8.8.8}
domain_name (string): mydomain.de
domain_search (dns_namelist): {mydomain.de}
end (none):

Thank you Zeitkind for the great recommondation and the reply. I will respnse to that on Sunday as I am back on site the earliest on Saturday. Too bad no VPN configured yet -_-;

Hi,

sorry for the long silence - too much work to do and less free time. There was everything ok with the DHCP some static configuration were left on my test client and mislead me to the assumption. Sorry for the inconvience and thank you for the help. Topic solved.

Hi Arcthurus, thanks for checking back! :)