OPNsense Forum

Archive => 19.1 Legacy Series => Topic started by: deltatux on February 05, 2019, 04:58:33 am

Title: OpnSense Upgrade to 19.1 Seems to Completely Break WAN on VirtualBox
Post by: deltatux on February 05, 2019, 04:58:33 am
Hi all!

I've been running an Opnsense router/firewall configuration for the past 2 years without fail as a virtual machine in VirtualBox. The VM has been humming along since 17.1 and I have been quite happy with it so far.

Unfortunately, there seems to be something in Opnsense 19.1 that would completely brick the installation as I have been unable to connect to the Internet with it after upgrading from 18.7_10. It seems that after upgrading, my network would send packets out through the WAN interface no problem but blocks all inbound traffic except ICMP. Every time it does that, it says that it matches the "default deny rule" and drops the packet.

I have even tried erasing the entire VM & start from a fresh install of 19.1 but to no avail, even on a clean build, it keeps dropping the packets which makes it a very frustrating experience. After 2 hours, I decided to try a roll back by doing a fresh install of 18.7 and it looks like doing that fixed the issue. There seems to be something in 19.1 that doesn't play well with my set-up & I don't know if it's because it's in a VM on VirtualBox.

My configuration
Host OS: Debian 9 "Stretch" 4.9.130
VirtualBox 6.0.0
LAN (br0): enp3s0, enp3s1 (bridged, bonded: balance-alb)
WAN (eth1): eth1 (traffic is blocked on iptables from allowing traffic in/out to the host OS, only open to the VM)
Guest: OPNSense
NIC1: bridged, virtio --> br0 (LAN)
NIC2: bridged, virtio --> eth1 (WAN)

Does anyone have any ideas why Opnsense 19.1 would kill all of my WAN traffic?

Thank you.

Cheers!
Title: Re: OpnSense Upgrade to 19.1 Seems to Completely Break WAN on VirtualBox
Post by: franco on February 05, 2019, 09:22:37 am
Maybe this is related: https://github.com/opnsense/core/issues/3173

Fix today in 19.1.1 but workarounds exist. Just a guess for now.


Cheers,
Franco
Title: Re: OpnSense Upgrade to 19.1 Seems to Completely Break WAN on VirtualBox
Post by: deltatux on February 05, 2019, 03:46:22 pm
Maybe this is related: https://github.com/opnsense/core/issues/3173

Fix today in 19.1.1 but workarounds exist. Just a guess for now.


Cheers,
Franco

Hi Franco,

Thanks for your quick reply, much appreciated. I'll clone my production VM & test these settings out to see if it resolves the issue as well.

Thanks!

Cheers,
deltatux