OPNsense Forum

English Forums => General Discussion => Topic started by: nonsense on July 21, 2015, 06:38:29 pm

Title: Setting WAN interface with Gateway in different subnets
Post by: nonsense on July 21, 2015, 06:38:29 pm
Hi,

I am trying to setup pfSense in an ESXi server to protect the management network (yes, but don't stop reading), during the setup of the WAN interface it asks me for the IP and the gateway.

The provider uses IP Failover binded to MAC in order to provider with a public IPv4 to virtual machines, the Host has a different subnet range so pfSense complains saying "the gateway is not in the same subnet".

So, whereas I can get any VM to connect to Internet normally, I cannot get pfSense to configure a WAN interface and gateway in different subnets.

Is this issue "resolved" in OPNSense ? can you actually do that ?


Title: Re: Setting WAN interface with Gateway in different subnets
Post by: MaGu on July 30, 2015, 11:32:37 am
I had the same issue with my cloud infrastructure provider, and from the research I made on Google, this is not a bug, and is the standard BSD behavior.

To bypass this problem, I made a small script to set the gateway and the route when the system starts:
Code: [Select]
#!/bin/sh
SHELL=/bin/sh
PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin
route add -host IP_REMOTE_GATEWAY -iface WAN_INTERFACE_NAME
route add default IP_REMOTE_GATEWAY

Hope it helps. I put this script in a cronjob to make sure the gateway is reapplied regularly "just in case" something changes it.
Title: Re: Setting WAN interface with Gateway in different subnets
Post by: BertM on August 05, 2015, 08:52:11 am
If you are running pfSense, you can add the additional routing in the config.xml file using shellcmd.

To do so, from Backup/Restore, download the config.xml file.
Open it with something like Notepad++ (NOT Windows Notepad !!!)

Locate the line that reads:
</system>

Just above that line, add the following two lines:
<shellcmd>route add -host IP_REMOTE_GATEWAY -iface WAN_INTERFACE_NAME</shellcmd>
<shellcmd>route add default IP_REMOTE_GATEWAY</shellcmd>

More info can be found at https://doc.pfsense.org/index.php/Executing_commands_at_boot_time (https://doc.pfsense.org/index.php/Executing_commands_at_boot_time)

On pfSense, you can also install the Shellcmd package. That will allow you to achieve the same via the web gui.

Regards,
Bert
Title: Re: Setting WAN interface with Gateway in different subnets
Post by: franco on August 05, 2015, 09:33:33 am
(shellcmd is not supported in OPNsense.)
Title: Re: Setting WAN interface with Gateway in different subnets
Post by: BertM on August 05, 2015, 11:44:49 am
Franco, you are right, but nonsense started with telling he did run pfSense, and he was just wondering if his problem was solved in OPNSense.
It's not, but there is a decent solution in pfSense which he is already running.

Kind regards,
Bert
Title: Re: Setting WAN interface with Gateway in different subnets
Post by: franco on August 05, 2015, 12:05:23 pm
True. My concern is that unless effort is put into solving this with us directly on OPNsense we're not moving forward. I cannot test every setup, I cannot easily reproduce some of them. That other projects don't have default support for this further indicates that it isn't commonly found, at least in the target group of said products.