Hey all,
I have a server running esxi 6.7 with a OPNsense 18.7.4 VM which has several interfaces.
The WAN interface was set to receive DHCP from my cable modem. After some initial configuration and testing I changed the WAN to a dedicated IP. Now I get no internet access on the LAN interfaces, but I can ping external IP/names from the OPNsense cli.
I don't see an issue, but I'm no firewall expert.
Any ideas?
Thanks!
And now that dhcp6c is not running as you've gone static it is not giving a PD to the LAN. Have you set up dhcpd6?
Ok...normally I don't go too deep in configuring OPNsense.
I'm a little over my head. I don't see dhcpd6 running in the services list.
How do I get it running again?
I do have my WAN interface IPv6 set to dynamic now.
Thank you!
If WAN is set to dynamic and you have a v6 address on the WAN then are you now showing a v6 address on the LAN interface and is dhcpd6 running?
I have set both ipv4&6 to dynamic on the WAN.
Under Interfaces/Overview/WAN I get same ipv4 address I was getting before and it does show a ipv6 link local address.
The LAN also shows an ipv6 link local address.
I still have no internet access on any of my lan interfaces. :(
Have you ever had IPv6 working?
Some ISP's do not support IPV6 yet so make sure yours does. Who is your ISP, you may require certain options to be set.
I had internet when I first set this test system up. After changing to static is when it stopped and now can't get it back.
I have Comcast Business. BTW...I have set up test systems before with static WAN and had no issue.
Thanks!
Setting up static on the wan isn't an issue, what have you done on the lan side if you do that?
I'm not sure what I've done to get where I am with this setup.
I'm going to reinstall and start with static WAN and see if I can make it work.
Thank you for all the help! If I still have an issue, I'll post again.
Ok...I've set a bare minimum config on a new VM with static ipv4 on the WAN and I get no internet access on the LAN!!!
I've done this same config months ago...did Comcast change or did OPNsence change?
Sorry I misread earlier messages, I though we were talking IPv6.
Are you setting a gateway address?
Yes I am.
OK, in Interfaces->Diagnostics->Ping. Enter 8.8.8.8 as the host, select WAN as the Source address and click on ping, do you get a response?
This will be my last post until tomorrow morning (-5 CSDT).
Ping does not fail on IP or domain names from host or LAN (in the GUI)...which has got me really confused.
I'm using a debian VM (on LAN) to gain access to the OPNsense GUI and from that VM I can not get to the web.
Current opnsense config:
default except:
static IP
local hostname and domain
password
I'm really confused now!
Good night and thanks!
From the Debian machine:
Is it resolving names? So if you ping a fqdn, does it resolve the IP.
It will ping the opnsense short name, but not its FQDN.
EDIT:
I just noticed my ipv4 Gateway WANGW is unknown. The WAN_DHCP6 gateway is online.
Just ignore ipv6 for now, let's get IPv4 sorted first. What to you mean short name?
Can you ping dns.google.com and get a response?
Can you ping 8.8.8.8 and get a response?
I've made some progress by testing different settings and resetting to default if opnsense stops giving access.
I'll report back my findings when if I get this fixed or if I need more help.
Thanks!
Ok...took me longer than I thought since I was pulled into a conference call and I had to backtrack.
Here's how I fixed it:
Interfaces/WAN/Static IPv4 Config/IPv4 Upstream GW
Set to the actual static GW even though the Info text says:
"For a single WAN interfaces a gateway must be created but set to auto-detect."
Someone needs to fix this! This killed a whole day of my time! >:(
@marjohn56 Thank you for all your effort!
It says "If this interface is a muti-WAN interface, select an existing gateway from the list or add a new one using the button above. For single WAN interfaces a gateway must be created but set to auto-detect. For a LAN a gateway is not necessary to be set up."
Which to me means click the '+' Button to create the gateway, auto-select is already set for you. However I suppose it's a tad ambiguous.
That is exactly what I did. I created the WAN Gateway manually and set it to Auto as the info states. This would not work.
I had to select the GW, not auto, to get internet connectivity on the LAN.
OK, I'll check that out and raise an issue if i can replicate it.
I'm curious if you were able to reproduce the issue.
Thanks!
I'd forgotten actually, too many things going on. :)
However, I just factory reset my test router, did a default set up from console. Then I went into the WAN interface, changed it to static, set an address and mask and then added a gateway, set up monitoring on the gateway and tested connectivity and all is good. In fact I'm replying via that router now. I'm unable to replicate the issue you had.