Hi all,
First of all, I'm new to OPNsense, so my question might be based on a lack of knowledge.
My issue is that I have made a static route to a raspberry pi4 that's connected to a wireless AP, but the connection is being reset every few minutes. If I connect to the pi through the AP's wifi, then everything is stable.
What I'm trying to accomplish is this:
(https://i.ibb.co/3fYzL3G/drawing.jpg) (https://ibb.co/1sJ6wgh)
I've added a gateway on LAN and a route through it pointing to 192.168.10.3. This basically works, but instable.
Don't see anything happening in logs, but could be that I look in the wrong place.
What am I missing?
Questions? Fire away :)
So your Pi4 is connected to the network via WiFi?
Can you show how did you configure your static route and the GW?
Is your GW configured as persistent UP or you are tracking it?
Regards,
S.
No the Pi is wired to the AP, but can be connected to wirelessly. If I connect wirelessly the connection is stable. So either something with the AP, or the OPNsense config.
The AP is configured as a wireless AP and has all needed ports forwarded to the Pi.
GW config and routing is like this:
(https://i.ibb.co/ry29SK6/5.png) (https://ibb.co/XJxHgfs)
(https://i.ibb.co/HKhSwFg/6.png) (https://ibb.co/9pZDK8Y)
In the GW configuration Egress Interface "LAN" thats the L3 Interface to which you have the AP connected?
Also your AP is a routed AP not a dummy AP?
On your AP you have several Subnets/Interfaces? One for the IP of the AP 192.168.10.0/24 and one for the Pi 192.168.1.0/24?
When you connect your Pi via WiFi does it get IP from 192.168.10.0/24 or from 192.168.1.0/24?
Also I forgot to ask before, how to you identify that you loose the connectivity to the Pi?
As well you said static route keeps dropping, can you during the time, check routing tables and ARP tables on OPN and the AP?
Why is your static route disabled?
Regards,
S.
Quote from: Seimus on June 22, 2023, 10:17:03 AM
In the GW configuration Egress Interface "LAN" thats the L3 Interface to which you have the AP connected?
Yes, the AP is connected to LAN
QuoteAlso your AP is a routed AP not a dummy AP?
It supports port forwarding and have fwd'd all needed ports. It basically works, yet unstable.
QuoteOn your AP you have several Subnets/Interfaces? One for the IP of the AP 192.168.10.0/24 and one for the Pi 192.168.1.0/24?
It has 192.168.10.3 on the LAN side (WAN for the AP) and 192.168.1.2 on the AP's LAN side.
When I connect wirelessly to the AP I get my 192.168.1.x from the AP's DHCP. (asuming that's what you're asking)
QuoteWhen you connect your Pi via WiFi does it get IP from 192.168.10.0/24 or from 192.168.1.0/24?
The Pi isnt getting a DHCP IP, its fixed 192.168.1.51 on eth0. Wifi is disabled on the Pi.
QuoteAlso I forgot to ask before, how to you identify that you loose the connectivity to the Pi?
I have Home Assistant on the Pi and I get constant Connection Lost messages and the gui becomes unresponsive until connection is reestablished.
QuoteAs well you said static route keeps dropping, can you during the time, check routing tables and ARP tables on OPN and the AP?
[/size]
Will look in to this. I think I have to set logging to debug first (somewhere ;))
QuoteWhy is your static route disabled?
Because it is unworkable, I now use a wireless connection through the AP, but want to have this routed. My ultimate goal is to make the 192.168.1.0 network a stretched VPN VLAN to a remote location. Thats my next challenge.
I hear you think, why not make a 192.168.1.0 VLAN? I've been experimenting with that, but for some reason I can't get that to work (yet). Also, I need an AP in the VLAN for my IoT devices. It is a test set up for a to-be remote production location .
Maybe I should replace my crappy TP-Link TD-W9970 AP for a proper one that I can flash with DD-WRT, so I can make VLANS and working relayed DHCP. Any suggestions?
Thanks for helping me so far :)
Thanks for the answers.
Its very weird, that when you have it connected via Wifi it works but on Wire it has problem. Depending on the interval how long is "down" this could be an issue as well of ARP resolution for example. But if we take the setup and routing is the same over WiFi or Wire from point of OPN it could indicate a problem on the Wireless routed Router.
I think in order to move a bit further you need to check ARP and Routes during the time of outage.
Quote from: patrick010 on June 22, 2023, 11:31:58 AM
I hear you think, why not make a 192.168.1.0 VLAN? I've been experimenting with that, but for some reason I can't get that to work (yet). Also, I need an AP in the VLAN for my IoT devices. It is a test set up for a to-be remote production location .
Maybe I should replace my crappy TP-Link TD-W9970 AP for a proper one that I can flash with DD-WRT, so I can make VLANS and working relayed DHCP. Any suggestions?
Thanks for helping me so far :)
This is what I have done actually. I have a LAGG with VLANs, which is far more superior in my opinion than to have separate interfaces in this case of scenario.
Personally I Use OpenWRT and AP is acting as dumb AP with several SSID each SSID is in different VLAN so this gives me possibility to segregate HOST on SSIDs as well (OpenWRT is awesome).
For routers/APs to use, I have an Archer C6 single CORE CPU, its a good one, depending on how many SSID you need and Wirelss throughput you need you can check out this one. Overall I would assume to get something better like Linksys EA8100 or Dual or QuadCore as it has more performance and will cover you in future.
On the OpenWRT and DD-WRT sites are HW tables supported and best Routers so you can have a look. Overall I would advice you get a device with MediaTEK chipsets cause they dont have problem with drivers, where Broadcom are always painful for these Open Source OSes.
Regards,
S.
Thanks for your thoughts. I'll get a decent router when I get back from my holiday in 2 weeks. I'm sure that'll help for the vlan bit