Hi,
I'm new to OPNsense after moving from an Untangle firewall that I used for years. So far, so good except one problem:
Certain websites (https://www.breezeline.com for example) can't be reached as they fail with "the connection was reset" error.
I think it possibly may have something to do with the fact that during the setup process I had two WAN connections, a static and a DHCP, so two gateways as well. I have since deleted the static WAN & gateway and am only using the DHCP WAN connection. I do not know for sure if the problem existed before I deleted the static WAN.
I believe that all of the leftover firewall rules from the static WAN have been removed.
I have Unbound DNS enabled.
Looking at INTERFACES-->OVERVIEW shows that I'm picking up two DNS servers from my ISP.
I think this may be a DNS problem, but am not really sure.
I'm out of troubleshooting ideas.
Thoughts?
Thank you.
More info:
Attached a traceroute to two sites:
disney.com which works. The trace looks as you would expect.
breezeline.com, which is a site that fails. The trace falls into a black hole after the 4th hop. The 3rd and 4th hop (atlanticbb.net) are my ISP.
To my novice eye, it seems they are dropping my connection, but why?
Is there anything in OPNsense that could be misconfigured to cause this behavior?
I have started a ticket with my ISP. Their first line support sees nothing wrong, but they have escalated it; unfortunately, that may take a day or a few.
Thanks.
I can't get to automationdirectc.com failing after a few trace hops. Seems a problem on their site.
Breezeline seems fine despite the traceroutes being a bit odd. Straight https://breezeline.com on a browser, no problem.
$ tracepath breezeline.com
1?: [LOCALHOST] pmtu 1500
1: OPNsense 2.987ms
1: OPNsense.moomooland 2.671ms
2: host-92-28-192-1.as13285.net 4.883ms
3: ae50-ner001.msp.as13285.net 21.692ms
4: ae50-scr001-msp.as13285.net 5.547ms
5: ae63-scr102.thw.as13285.net 11.976ms
6: 193.251.144.71 12.205ms
7: no reply
8: be2868.ccr41.lon13.atlas.cogentco.com 13.726ms asymm 9
9: be2099.ccr31.bos01.atlas.cogentco.com 78.946ms asymm 12
10: 38.122.253.210 80.162ms asymm 13
11: static-209-196-168-132.nh.cpe.atlanticbb.net 80.755ms asymm 14
12: no reply
13: no reply
14: no reply
15: no reply
16: no reply
17: no reply
18: no reply
19: no reply
20: no reply
21: no reply
22: no reply
23: no reply
24: no reply
25: no reply
26: no reply
27: no reply
28: no reply
29: no reply
30: no reply
Too many hops: pmtu 1500
Resume: pmtu 1500
There's nothing on a router that would interfere on the hops after leaving its gateway, but yes, make sure you have removed traces of what could cause asymmetric routing (two WANs but misconfigured).
I get tons of those while browsing the web. I figure the Internet and modern web browsers are just broken and no one cares enough to fix the problem. I never considered it to be related to OPNsense or its predecessor/forks.