OPNsense Forum

Archive => 21.1 Legacy Series => Topic started by: lipdogg on March 15, 2021, 03:05:08 am

Title: Subnet Traffic Blocked
Post by: lipdogg on March 15, 2021, 03:05:08 am
Hi All,

New user here, just switched from Untangle Firewall.

I got OPNsense set up and updated everything to the latest version. My setup is as follows:

Modem -> OPNsense 192.168.2.1 -> Cisco SG350 192.168.2.10 -> VLANs 20-50 (192.168.20-50.0). The VLANs are segregated from the firewall and I'd like to keep it that way. All inter-VLAN routing is working correctly. The firewall is a Core i5-6500 w/ 16GB RAM & 2 x 1Gb Intel adapters.

The firewall has one DHCP server, 192.168.2.100-200. My switch has its own DHCP servers w/ DNS for the VLANs.

To get the firewall to see and allow traffic from my VLANs I've created Gateways, Routes, Firewall Rules and NAT Outbound rules per https://greigmitchell.co.uk/2019/08/configuring-intervlan-routing-with-a-layer-3-switch-and-pfsense/.

The firewall 192.168.2.1 and all devices on 192.168.2.0 can access the internet, however all VLANs are being blocked. Per Firewall Live View, all blocks are coming from a VLAN IP to X.X.X.X:53 on UDP. I've tried multiple things to unblock DNS and allow it to pass, to no avail.

Does anyone have a recommendation on how best to fix this issue? Should I set up a DNS forwarder? Should I open port 53?

Please help and thanks in advance!
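As an added example (not part of the post above, and not OPNsense's own code), the script below models the three pieces the poster says were configured for the layer-3 switch setup, static routes to the VLAN subnets via 192.168.2.10, firewall rule sources and outbound NAT sources, and checks each blocked flow from a constructed Live View-style log against them to show which piece fails to cover the source address. The rule and NAT source lists are constructed assumptions chosen so that some flows are deliberately left uncovered; the VLAN subnets and gateway follow the post.

```python
import ipaddress
import re

# Model of the post's topology: LAN 192.168.2.0/24 is directly connected,
# VLANs 192.168.20.0/24 .. 192.168.50.0/24 are reached via the L3 switch.
LAN_NET = ipaddress.ip_network("192.168.2.0/24")
SWITCH_GW = ipaddress.ip_address("192.168.2.10")
VLAN_NETS = [ipaddress.ip_network(f"192.168.{i}.0/24") for i in range(20, 51)]
STATIC_ROUTES = {net: SWITCH_GW for net in VLAN_NETS}

# Constructed assumption: rule and NAT sources cover the LAN plus only the
# first few VLANs, so that some of the blocked flows below stay uncovered.
RULE_SOURCES = [LAN_NET] + VLAN_NETS[:3]   # VLANs 20, 21, 22
NAT_SOURCES = [LAN_NET] + VLAN_NETS[:5]    # VLANs 20 .. 24

# Constructed block lines in the shape the post describes: VLAN source -> x.x.x.x:53 UDP.
BLOCK_LOG = """\
block udp 192.168.20.15 -> 8.8.8.8:53
block udp 192.168.25.7 -> 1.1.1.1:53
block udp 192.168.40.22 -> 9.9.9.9:53
"""
LINE_RE = re.compile(r"(\w+) (\w+) (\S+) -> (\S+):(\d+)$")

def covered(ip, nets):
    """True when some network in nets contains ip."""
    return any(ip in net for net in nets)

def diagnose(line):
    """Return which configured pieces (route, rule, nat) do not cover the blocked source."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    _action, proto, src, dst, port = m.groups()
    src_ip = ipaddress.ip_address(src)
    missing = []
    if not covered(src_ip, [LAN_NET, *STATIC_ROUTES]):
        missing.append("route")      # no path back to the source subnet
    if not covered(src_ip, RULE_SOURCES):
        missing.append("rule")       # no pass rule matches this source
    if not covered(src_ip, NAT_SOURCES):
        missing.append("nat")        # outbound NAT would not translate it
    return {"src": src, "dst": f"{dst}:{port}", "proto": proto, "missing": missing}

def diagnose_log(text):
    """Run diagnose() over every line of a block log, dropping unparseable lines."""
    return [d for d in (diagnose(l) for l in text.splitlines()) if d]

if __name__ == "__main__":
    for entry in diagnose_log(BLOCK_LOG):
        print(entry)
```

A source that comes back with an empty `missing` list is covered by all three modelled pieces, so its block must come from something this model does not represent (for example rule order or interface).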