OPNsense Forum

Archive => 20.7 Legacy Series => Topic started by: szurubooru on September 28, 2020, 03:46:22 am

Title: Lan dhcp ips firewall rule ?
Post by: szurubooru on September 28, 2020, 03:46:22 am

Hello, i have dhcp running o my lan

when i receive the ip adress (136.***.***.225) on a client i can access the intenet inside the client

but i have a problem i cant figure it out

i have a webserver running on port 9999
but the firewall is blocking it
if i disable the firewall temporarily i can access the port 9999

i tried many options in lan rules but nothing worked

how can i create a rule to allow access to port 9999 for the lan dhcp ip ?

(https://i.ibb.co/jGnRWvm/image.png)

Title: Re: Lan dhcp ips firewall rule ?
Post by: Silver77 on September 28, 2020, 06:27:59 am

Hello .  first start using a class of private ip for the lan.

Title: Re: Lan dhcp ips firewall rule ?
Post by: szurubooru on September 28, 2020, 06:31:58 am

How would i do that ?
any example

Title: Re: Lan dhcp ips firewall rule ?
Post by: Silver77 on September 28, 2020, 06:35:14 am

10.0.0.0        -   10.255.255.255
172.16.0.0      -   172.31.255.255
192.168.0.0     -   192.168.255.255

Title: Re: Lan dhcp ips firewall rule ?
Post by: szurubooru on September 28, 2020, 06:42:03 am

Hello, i dont understand
do i have to change my lan ip with one of those ips ?

Title: Re: Lan dhcp ips firewall rule ?
Post by: Silver77 on September 28, 2020, 06:47:13 am

you are not using proper lan configuration because you are not using private ip.  start configuring the LAN better

Title: Re: Lan dhcp ips firewall rule ?
Post by: szurubooru on September 28, 2020, 06:49:52 am

can you be more specific pls

im not a expert

Title: Re: Lan dhcp ips firewall rule ?
Post by: Silver77 on September 28, 2020, 06:57:12 am

For ex. 192.168.10.1/24
Dhcp start from 192.168.10.100
 And 192.168.10.200


Inviato dal mio iPhone utilizzando Tapatalk

Title: Re: Lan dhcp ips firewall rule ?
Post by: szurubooru on September 28, 2020, 07:05:05 am

i have a subnet 29 from hetzner

i am not running this on my local pc

if i use the private ip how am i supposed to serve my website to the public ?

Title: Re: Lan dhcp ips firewall rule ?
Post by: Silver77 on September 28, 2020, 07:18:24 am

it is not easy if you have no experience, you must know nat and portforwarding. I did not understand well, did you give your webserver a public ip?  can you detail your configuration?

Title: Re: Lan dhcp ips firewall rule ?
Post by: szurubooru on September 28, 2020, 07:32:02 am

i am running opnsense as a virtual machine in proxmox

i have a additional ip 148.***.***.158 for WAN
and i have a subnet 136.***.***.224/29 for LAN

both are configured as static

the LAN ip is using the first ip of the subnet 136.***.***.224

so i am accesisng the gui using 136.***.***.224 on LAN

then i have enabled DHCP on LAN
with start 136.***.***.225 to end 136.***.***.230

so when i create a ubuntu desktop virtual machine i can obtain an ip from opnsense
and i can browse the web with the obtained ip inside ubuntu virtual machine

but the ubuntu cant be pinged from outside because firewall blocks it unless i disable the firewall

so there should be some rule to setup but i tried so many rules and nothing helped

Title: Re: Lan dhcp ips firewall rule ?
Post by: Silver77 on September 28, 2020, 07:46:52 am

opnsense by default has no traffic blocks on the lan, all traffic is allowed. sorry but I still don't understand.  the ip you are using for the lan were provided by a provider?  are ip public?