OPNsense Forum

English Forums => Virtual private networks => Topic started by: venex on November 26, 2025, 04:10:32 PM

Title: multi WAN, OpenVPN Instances, WireGuard Roadwarrior LAN, Internet routing issues
Post by: venex on November 26, 2025, 04:10:32 PM
I have 2 upstream WAN gateways from 2 different ISPs.
They have different IPv4 configuration types: one is PPPoE and the other is DHCP.
WAN1 is the default gateway and its priority is 10, WAN2's priority is 20.
Both of the gateways are non-stop online.
 
Previously I had a perfectly working OpenVPN Roadwarrior setup configured with the deprecated 'Firewall/VPN/OpenVPN/Servers' option. I could connect from the internet via both gateways (WAN1 and WAN2) to my OpenVPN server. I was able to access all local websites behind the firewall on my LANs, and I also had access to the internet via the firewall.

I migrated my OpenVPN Roadwarrior setup to the new 'Firewall/VPN/OpenVPN/Instances'. I can connect to my OpenVPN server via WAN1 and WAN2 from the Internet. If I connect via the default WAN1 gateway everything seems to be working fine, just like before. I'm able to access local websites on the LANs and I can also access the Internet via the firewall. I'm also able to access the Web GUI of OPNsense.
However, when I connect via the WAN2 gateway, I experience the following strange behaviors:
DNS (nslookup) works and I can ping any domain/IP on the internet. I can open some websites on the Internet using curl, but I can not open the same websites using a web browser. I also can not open the Web GUI of OPNsense. I can open some local websites on my LANs with my web browser, but not others.

I would like to be able to open all local websites on the LANs and also all websites on the Internet when connected via a WAN2 gateway.

What I have already tried to solve the issue, but it didn't help:
- I changed the MTU and MSS values on a trial and error basis.
- I changed the 'Firewall/Settings/Advanced/Disable force gateway' option.
- I changed the 'Firewall/Rules/OpenVPN' rules, but nothing solved the issue.
- I have followed the official 'WireGuard Road Warrior Setup' (https://docs.opnsense.org/manual/how-tos/wireguard-client.html) to create a new Roadwarrior setup with WireGuard instead of OpenVPN. As a result, I experienced almost exactly the same problems as those encountered with the OpenVPN Roadwarrior setup. Connecting via the default WAN1 gateway, everything seemed to be working fine, but connecting via the WAN2 gateway, I experienced the same strange behaviors that I have with the OpenVPN Roadwarrior setup.

I would gladly pay anyone to help me figure out what's wrong with my settings.
If anyone can help, please send me a PM or write here.