OPNsense Forum
Archive => 16.7 Legacy Series => Topic started by: Noctur on November 01, 2016, 04:44:22 pm
-
All - Trying to set up a transparent bridge as per this document in the How-To section of the Wiki: https://docs.opnsense.org/manual/how-tos/transparent_bridge.html
I've followed directions using the 16.7 production and the 17.1 alpha software and have not met with success.
My setup: i5 quad with 8gb RAM, 240gb SSD, multiple Intel NICs. Cabled up as: DOCSIS 3 Modem --> WAN on opnSense box, LAN on opnSense box --> WAN on Asus AC68U, following the Wiki How-To precisely. I've also tried Modem-->WAN opn, LAN opn -->WAN Asus, Opt2 em2 as Mgt port on opn box --> LAN Asus, with WAN, LAN, Opt1 Bridge WAN/LAN, and Opt2 Mgt port bridged to Opt1 bridge.
I need to retain the AC68U for some features it provides, otherwise I'd set opnSense up as a router. I can get to the management console on opnSense with either cabling/setting scenario, but I cannot get outside. The opnSense sys cannot complete a firmware update check. Prior to performing the instructions on the How-To, the system works as expected and Suricata & Country filter works.
Any assistance or a point in the right direction appreciated. TIA
-
Hi Noctur,
If this is only about firmware updates not working from the box that is likely a DNS setup issue. Try setting DNS servers under System: Settings: General and see if that helps.
Cheers,
Franco
-
Thank you for the reply Franco.
DNS was set up in Setttings --> General with 2 servers pointing to US based servers (other countries banned in Suricata), but the servers don't keep records and are DNS-SEC capable. Maybe they're not 'mainstream' enough?
The firmware on both was working as expected prior to walking through the How-To to enable Transparent Bridge.
I'll try again with 16.7 using plain DNS providers like Google and OpenDNS to see if that changes anything. Thanks again!
-
Can you provide the /tmp/rules.debug file for trouble shooting? Privately to franco AT opnsense DOT org if you want.
-
Thank you! PM'd you a before and after log.
-
Hey @franco, any thoughts on this? TIA
-
Still working through this...
I managed to get the box to pass internet *and* establish a connection through a management interface. However, following the instructions did not work for me. Instead, at the point where it states create the management interface by adding the bridge of WAN and LAN as a new interface OPT1, I had to add an interface with a 3rd NIC (OPT1) and provide it a static IP.
I can now get to the WEB management UI and have internet passthrough. However, I cannot get the system to successfully perform a firmware update check via UI, getting a "Repository Problem" error and was not successful using Option 12 on the console and getting similar errors.
edit: And IDS/IPS rules do not update...
Any recommendations on solving this new twist?
-
Does anyone have Transparent Bridge functioning on 16.7.x? TIA
-
Looking through the various threads, there are scattered issues with transparent bridge setups. So it looks like there's a problem that's unaddressed. Hopefully it will be resolved in the 17.x release.