Text only | Text with Images

OPNsense Forum

Archive => 21.7 Legacy Series => Topic started by: Dexter_23 on November 16, 2021, 03:57:29 PM

Title: No Internet LAN
Post by: Dexter_23 on November 16, 2021, 03:57:29 PM
Hi

I have install OpnSense on a Server Proxmox, the firewall is connect to internet, but the VM on Proxmox on the LAN can't ping dns google
Title: Re: No Internet LAN
Post by: FullyBorked on November 16, 2021, 09:10:51 PM
Can the VM ping the LAN IP of the firewall? 
Title: Re: No Internet LAN
Post by: Dexter_23 on November 17, 2021, 08:57:50 PM
yes

but i can't ping the gateway of the WAN interface
Title: Re: No Internet LAN
Post by: Patrick M. Hausen on November 17, 2021, 09:01:02 PM
So log on via ssh to the OPNsense, test if you can ping the external gateway there, check your default route, etc.
Also your client systems must have the LAN address of OPNsense as their gateway.
Title: Re: No Internet LAN
Post by: Dexter_23 on November 18, 2021, 11:02:47 AM
Hi

OPNsense can reach the internet, only from lan i can't, the client lan have defalt gateway as LAN IP OPNsense.

it's seems like problem on NAT or Firewall Rules, but i don't know how to fix
Title: Re: No Internet LAN
Post by: fastboot on November 18, 2021, 05:34:15 PM
Hi,

did you check the NAT rules?

Firewall - NAT - Outbound

Did you check if there is a rule which allows the internal network being translated to the external IP? Also did you check the FW rules section for that internal interface?

Without details it's also hard to give you a good advice.

e.g
Interface configurations
routing table
nat table
fw rules
...

But either way I think you should learn how to configure a FW and use NAT. This is not really related to OPNsense at all. It's more over related to have a basic understanding what you are doing.

To be honest, before I play with a FW connected to the internet. I would setup a virtualized environment just to learn.

There are plenty of documentation in the internet which can help you. It even does not need to be related to OPNsense at all. Because usually when you can configure one FW, you can configure any basic FW setup. It's just about the basics.
Check on youtube for FW rules and NAT. Also IP addressing would be good.

just my two cents... :)

EDIT: Also be more precise in the subject usage. "No Internet LAN" makes absolutely no sense at all :)
LAN = Local area network
Internet != LAN
WAN = Wide Area Network (can be Internet, but not necessarily)
Hint: Name your interfaces properly do have a understanding.
Hint_2: Draw your network with subnets included and also the gateway IPs of the networks (like .1 for the GW)

Title: Re: No Internet LAN
Post by: Dexter_23 on November 18, 2021, 05:59:03 PM
Hi

NAT > Outbound

https://gyazo.com/0290bd957153b15ca0b3eaac7789c238

Firewall > Rules > LAN

https://gyazo.com/8d6c54561b0a081de46b770219b7806e

Text only | Text with Images