OPNsense Forum

Archive => 19.1 Legacy Series => Topic started by: Drohne on February 04, 2019, 09:00:05 am

Title: No routing after upgrading to OPNsense 19
Post by: Drohne on February 04, 2019, 09:00:05 am
Hi out there.

After we upgraded our OPNsense device, I receive a "Configuring firewall.....failed" message on the console and obviously routing from attached internal networks via the one attached uplink (to ISP) doesn't work anymore.

The system is configured to utilize dual-stack.

It is something strange, login onto the OPNsense device and pinging IPv4/IPv6 destinations on both the external, outer network and internal networks works perfectly - the OPNsense also aquires its prefix and IPv4 from the ISP. From the internal networks, the OPNsense is also ping-able from all network segments and devices.

Also, the firewall logging realt-time view, for instance, and other log views do not show anything.

After restarting all services (either after reboot or via console, option 11), dpinger fails to start as well as dhcpd6 and radvd.

Routes are configured statically .

Any ideas?

Thanks in advance.
Title: Re: No routing after upgrading to OPNsense 19
Post by: DerAndyK on February 07, 2019, 12:34:01 pm
Same Problem for me. After Updating to 19.1 my primary Line was marked as down. I can ping the monitor adress manualy. So after enable "Mark System as Up" everything works. So i think dpinger is currently broken???
Title: Re: No routing after upgrading to OPNsense 19
Post by: marjohn56 on February 07, 2019, 08:06:34 pm
Dpinger is not broken, those of us who have been using for nearly a year will vouch for that.


Apinger and Dpinger are very different beasts and what worked with Apinger will not work with Dpinger and vice versa.


What are your settings in the Gateway that you are manually 'marking as up(?)' and do you have any advanced settings for Dpinger, it may have carried over settings if you used Apinger that are not valid for Dpinger.


There is no 'Mark System as Up' there is a 'Mark Gateway as Down' and a 'Disable Gateway Monitoring', so which is it?
Title: Re: No routing after upgrading to OPNsense 19
Post by: interfaSys on February 23, 2019, 09:59:24 pm
Same problem here.

Upgrading from 18.7 broke all Open VPN gateways. They can't be started. Gateway logs show nothing.
Happened on 2 different appliances.
Title: Re: No routing after upgrading to OPNsense 19
Post by: marjohn56 on February 23, 2019, 10:28:44 pm
Same problem?


The OP was talking about gateway monitoring, you are talking about OpenVPN.... not the same.


More info is needed. Have you updated to 19.1.1 for instance, is the rest of the system working as in can you connect to the internet - does the gatway(s) show OK. What do the OpenVPN and system logs say etc.


'It doesn't work' is not really very useful when trying to work out whats wrong.
Title: Re: No routing after upgrading to OPNsense 19
Post by: interfaSys on February 24, 2019, 10:56:52 am
Same problem as in all gateways relying on dpinger are down and cannot be started.
I have gateway monitoring on OpenVPN, but the OpenVPN service is up an running and connected to the remote locations.
Both appliances are on 19.1.1.
Nothing in the gateway or main logs.

Gateway config:
Interface: OpenVPN interface 1
Address family: IPv4
IP address: synamic
Monitor IP: 1.1.1.1

Everything else in unticked.
Title: Re: No routing after upgrading to OPNsense 19
Post by: marjohn56 on February 24, 2019, 11:15:36 am
And what settings do you have in the Gateway(s) for monitoring?


How is your WAN setup is it static, dhcp PPPoE? Are your gateways auto created or manual?


More info please.



Here's my v4 monitor.


(https://i.ibb.co/8MXpkSj/Capture.png) (https://ibb.co/G7FLmbV)

You can always  try just deleting the gateway and letting Opnsense auto create a new one.

Title: Re: No routing after upgrading to OPNsense 19
Post by: interfaSys on February 24, 2019, 12:10:35 pm
I edited my answer earlier with my config. It looks like yours, except for the default gateway.

<quote>How is your WAN setup is it static, dhcp PPPoE? Are your gateways auto created or manual?</quote>

WAN is up, using DHCP. It's marked as online, depsite dpinger being down.

The OpenVPN gateway is also using DHCP. It was manually created as an OpenVPN client, then the interface was assigned, in the Interfaces section.
Title: Re: No routing after upgrading to OPNsense 19
Post by: interfaSys on February 24, 2019, 12:21:30 pm
I think I've found one of the problems.
All the OpenVPN interfaces had been reset to the LAN NIC instead of keeping their VLAN due to a bug in the Interface sub-routine on 19.1.1.
I've re-assigned all of them and now the single interfaces show up as online in the "Single" view, but dpinger still doesn't start.
Title: Re: No routing after upgrading to OPNsense 19
Post by: interfaSys on February 24, 2019, 12:26:34 pm
Something I've noticed.
The gateway at the top of the list is an OpenVPN one. When it's online, dpinger starts and is marked as green. I have logs.
It goes down, dpinger goes down, depsite the fact that WAN is still up, lower in the list.
Is this the way it's supposed to work? If the only Gateway up is the default, then dpinger is always down?
Title: Re: No routing after upgrading to OPNsense 19
Post by: marjohn56 on February 24, 2019, 12:55:46 pm
If there is no link there is nothing for dpinger to ping against.
Title: Re: No routing after upgrading to OPNsense 19
Post by: interfaSys on March 04, 2019, 02:17:02 pm
Just to confirm.
The replacement box had some changes which made it look like dpinger wasn't working.
OpenVPN connections were established, but content could not flow through due to a cipher issue. That means that dpinger could no ping the monitoring IP.
And the WAN gateway had monitoring disabled for some reason, which is the reason the dpinger service was never started when the other gateways were down.

Thanks for your help marjohn56