OPNsense Forum

Archive => 19.1 Legacy Series => Topic started by: cttechcorp on July 15, 2019, 11:53:53 pm

Title: [SOLVED] Broken Config - Unable to Ping or Update URL Alias
Post by: cttechcorp on July 15, 2019, 11:53:53 pm

I've updated from 17 to 18, and have been configuring additional security and IDS on our firewall over the past week. At some point I have broken my system.   

Updating URL Alias is broken
Trace-route works (but not via ICMP)
Firmware updates are unable to locate mirror
Firmware security audit "pkg: No route to host"
System logs say update_tables.py: error fetching alias url. 
Custom routes: none
Default gateway route appears in the table correctly. 
I can ping the WAN default gateway IP on the firewall itself, but nothing past it.
I can ping the WAN default gateway IP from the LAN net, and everything past it.

It acts like my WAN gateway (cable modem) is blocking outbound ICMP, but ISP says everything is fine, and test pings from the cable modem itself are successful.

I'm not sure what I have broken.   

I've tried disabling all the unnecessary services.  I've disabled all of my new firewall rules.   I've reviewed all the system logs.  There is nothing in the firewall logs about ICMP traffic or otherwise being blocked.   

Can anyone point me in the right direction?    I'm not sure if something broke during the update or if a setting has changed to break the system.

Title: Re: Broken Config - Unable to Ping or Update URL Alias
Post by: cttechcorp on July 16, 2019, 01:34:21 am

So...  the problem appears to have been an IP Alias I added....

Specifically the Gateway Address.    I entered the same gateway address for the alias as my primary wan interface.   

Leaving the field empty fixed my outbound communication problems.