OPNsense Forum
English Forums => Tutorials and FAQs => Topic started by: ciccio on September 03, 2019, 02:47:39 pm
-
Hi, first of all I introduce myself and greet everyone here on the forum.
Today, for the first time I installed opnsense.
I ask you for help right away because I can't use opnsense to "exit" from the internet.
Given that I have another endian firewall that serves other purposes, opnsense serves me for captive portal and http proxy.
long ago I used pfsense and having saved the configuration file I reported the same parameters on opnsense.
network (ISP) --- opnsense fxp0 (static) ---- internal lan (static)
if to the configuration I give as gw the fastweb gw (as in the first firewall) does not even push from firewall towards 8.8.8.8; if instead I use the first firewall as gw everything works !! I have been shaking my head for three days.
What am I doing wrong?
thank you in advance.
-
Can you ping 8.8.8.8 from OPNsense? Interfaces, Diagnostics, Ping, set source to WAN. If not, check that you are allowing RFC 1918 on the WAN interface.
Does ping also work from the LAN source? If not, check that your upstream router has a return route for your LAN subnet.
If it works from both sources, check your outbound NAT. That should be setup by the wizard. If need be, backup your config and start with a clean slate.
Bart...
-
Hi Bart, thanks for the reply. If I set gw the gw of the ping router (from opnsense) it DOES NOT go.
If as gw I set the first firewall (and therefore works on the LAN) everything works.
in WAN I set public ip / subnet and upstream the ISP gw.
But strangely it doesn't work.
I have the impression that something is missing ...
-
You're going to need to add a drawing - it is a bit confusing. Add info about your IP addresses, routers, internet connection, etc.
Bart...
-
Hello. I have attached the layout of my network. as I said there is already a first working fw. the second fw OPNSENSE does not ping even from dashboard (so I don't think packages come out) and the gateway (in dashboard) is always offline.
If I at OPNSENSE do as gw the fw1 works but not as I would like.
-
I'm not sure that sharing the modem between two parallel firewalls is a workable setup. It risks split routing for starters. A more traditional serial setup is to have an edge firewall, a DMZ and an internal firewall:
internet----FW1----dmz----FW2----LAN
If you want the captive portal and proxy, place OPNsense between your LAN and the Endian, so you have a single path out to the internet. Mind allow internal WAN IP's on OPNsense (FW2), since Endian (FW1) will do the NAT.
Bart...
-
if indian is wrking, safe to assume you have disable DHCP server in opnsense?
"If I at OPNSENSE do as gw the fw1 works but not as I would like."
question: is your opnsense setup properly?
is this an initial install (meaning has not work ever since)?
what is your setup? is it 1 wan 1 lan?
in the dash board do you see the status of your WAN?
you can goto interface->diaggnostics->ping
then ping an external domain or IP
if yes, then what is set setting of your client.
IP, gateway and DNS settings?
-
Good morning. In System-Gateway-Single I have what you see in the attachment.
Obviously from interfaces- ping if 8.8.8.8.8 gives me "host down".
The firewall rules are the original ones.
I don't have dhcp in endian. I have DHCP windows server.
Yesterday I turned off endian, given the same endian to opnsense ip address and switched to opnsense ONLY but I had the same problem.
I can't get the gw to work (and go out on the internet).
Some time ago I installed pfsense and it worked. I configured opnsense based on that configuration, but nothing.
PS: the image is cut but i read
GW_WAN
gw isp 0.0 ms 0.0 ms 100.0 % Offline
-
is the WAN interface correct? imean does it have the correct IPs/gateway of your ISP?
is your fiber modem configure as router or bridge?
I would delete all your current GW and set it up again..
it is odd to have a GW_lan_net if you have only 1 WAN
in opnsense->interface-diagnostic-ping
ping your modem/router, see if you can
(select your wan interface or if you get public ip then ping any public address)
you could also set it up suing command line
using #2
you should be able to set up initial wan and lan
-
i'm sorry. was the cable :(
now works fine
thanks to all
-
good to hear that
-
thanks
-
Please guys help me . I'm installing OPNsense for the first time and my problem is I cant get WAN IP. 1 have to ports, port 1 : connected to the internet and port 2 : not connected to any machine. what will I do?
-
Please guys help me . I'm installing OPNsense for the first time and my problem is I cant get WAN IP. 1 have to ports, port 1 : connected to the internet and port 2 : not connected to any machine. what will I do?
you have to complete your problem...
have you configure it already? at what stage of installation are you? you do have keyboard access to the menu?
could you provide screen shots?