OPNsense Forum
Archive => 17.1 Legacy Series => Topic started by: kyferez on July 05, 2017, 03:16:02 pm
-
I asked this question on the 16.7 forum, got no help, and have since upgraded to 17.1 so am re-posting with a little more detail here.
So I have 1 interface, and only 1 interface. I have no way to create more. Think of it as if there is a VM and it's only allowed one interface. And I cannot use VLANs because my VMs are contained in a virtual one and I'm only given 1 to work with.
So I need to be able to use subnets to simulate disparate networks - keeping it all on the one VLAN. Therefore, I need to do routing for those multiple subnets using 1 interface. Basically a router on a stick without VLANs...
Is this possible on OPNsense? I know a NetScaler can do this because their design flexibility does not bind IPs to interfaces unless you tell it to.
Please let me know if this is possible and if it is, how I can accomplish it.
-
So I know about Virtual IPs.
I tried configuring one but it does not seem to work. I can't ping the VIP from another PC on the same subnet. I don't know if I'm missing something in the configuration. I added Firewall allow rules for that Subnet, and the firewall logs show an allowed packet for ICMP, but the VIP does not respond.
I found out why it doesn't respond... It's sending the reply to the default route instead of back to the souce MAC. WHY? See attached.
-
So I think the reason it's failing is because it's not honoring the routes. Routes and VIP Attached.
-
So PFsense does the same thing. Virtual IPs apparently are not designed to work like a true VIP.
I even created a new gateway, using the VIP, and added a new route to use the new gateway. Still doesn't follow the rules. The VIPs ONLY want to route out the default gateway :(
-
Franco,
Can you answer why VIPs only route out the Default Gateway? Is it by design? If not, can you test and verify if you can make it route out a different gateway? I'm stuck...