Hi,
I'm kind of blind, where to look for issues anymore. It is OPNsense 24.1.7_4-amd64
I have two vLANs
020_equipment 10.1.20.1/23
100_trusted_clients 10.1.100.1/23
I have two floating rules, that have these interfaces assigned, saying
- direction IN/OUT IPv4/IPv6 any to any, any protocoll
- no further rules defined anywhere else
I can ping
- 10.1.20.1 to a device 10.1.21.20
- 10.1.100.1 to a device 10.1.20.1
but I
cannot ping 10.1.101.68 to 10.1.21.20, while the life view of the firewall shows green for the ICMP packages.
(http://screenshot%20from%202024-05-31%2009-40-41.png)
(http://screenshot%20from%202024-05-31%2009-40-41.png)
Does 10.1.21.20 have a proper default gateway configured?
What types of clients are these?
Because if the firewall shows the ICMP packets as passing, I would guess that the target simply does not answer. This would be the case for Windows machines, which by default only answer to pings from their local subnet unless you change the local Windows firewall rules.
the IP address 10.1.21.20 is assigned to a network printer.
This printer was reachable via HTTPS Admin GUI and pingable in the past. And it answers pings to the OPNsense, when using the built in ping command from the gateway of
- 020_equipment 10.1.20.1
- 010_trusted clients 10.1.100.1
- but not from 10.1.100.68 or 10.1.101.68
and nothing changed on the printer setup. The only I changed was setting up the firewall fresh.
I checked the printers settings, it has
IP Address: 10.1.21.20
Subnet mask: 255.255.254.0
Gateway: 10.1.20.1
all given out by DHCP.