OPNsense Forum

Archive => 18.7 Legacy Series => Topic started by: foongws on October 23, 2018, 08:04:44 am

Title: FIrewall ruleset gateway point to gateway group, internet stop working
Post by: foongws on October 23, 2018, 08:04:44 am

I just upgrade the opnsense to OPNsense 18.7.5_1-amd64 yesterday.
after upgrade , the gateway group stop working.
it work on previous version.

My OPNsense got multiple wan link and a few LAN interface.
Each LAN , i would like to use different WAN link and some would need load balance between WAN link.

So far everything work fine till i upgrade it yesterday.
Now all the rules , the gateway have to point to default , otherwise it wouldn't.

And the default gateway no longer work (system -> gateway -> single), I have multiple gateway and i configure one of the gateway as default gateway. But the firewall will always use the first configure gateway. I have to disable the first gateway , then only the second gateway will be using.

Please advice.

Title: Re: Firewall ruleset gateway point to gateway group, internet stop working
Post by: mailman451 on October 26, 2018, 11:29:43 am

I have a similar problem here.

We have 5 DSL lines connected via PPPoE (WAN and OPT1-OPT4), and local LAN IPs grouped with aliases. Via firewall rules these alias groups are assigned one of the 5 gateways. We do not use gateway groups.

After updating from 18.7.4 to 18.7.6, only one gateway will have internet access (which one is found out by trial and error) and I have to select this gateway in the firewall rules for all the alias groups. Here my observation is different from the OP: which gateway works seems to be random after each reboot.

All PPPoE interfaces are connected and have been assigned an external IP, and using 'ping' from each of the 5 PPPoE interfaces to the internet also works.

As all 5 lines are from the same provider, they have all been assigned with the exact same gateway IP by the provider. By manually selecting a different monitor IP for each gateway, the monitoring works and shows all gateways in the green.

Even when disabling the alias groups' rules and just using a default LAN rule for the local LAN, still only one specific gateway will work.

EDIT: going back to 18.7.4 with

Code: [Select]

opnsense-revert -r 18.7.4 opnsense
and rebooting with the pre-update configuration, all is back to working normal.

Title: Re: FIrewall ruleset gateway point to gateway group, internet stop working
Post by: franco on October 26, 2018, 06:57:23 pm

Same as https://github.com/opnsense/core/issues/2835 maybe? We are currently trying to find more reports to try which commit is responsible.


Cheers,
Franco