OPNsense Forum

Archive => 17.7 Legacy Series => Topic started by: greY on August 02, 2017, 10:01:28 pm

Title: No internet connection after upgrade
Post by: greY on August 02, 2017, 10:01:28 pm

Hi guys!
after upgrade from 17.1.11 to 17.7 no internet connection is possible.

-WAN interface is online and gets an IP over DHCP
-WAN DHCP gateway is also shown as online

But still no connection is possible (no ping, no dns lookup possible)

Do you have any ideas where to check for the issue?

Alex

Title: Re: No internet connection after upgrade
Post by: bartjsmit on August 02, 2017, 10:19:14 pm

Check for firewall rule denies in the logs. Are you trying from the firewall itself or an internal host?

Bart...

Title: Re: No internet connection after upgrade
Post by: franco on August 03, 2017, 07:42:12 am

Do you use floating rules? Specifically, vital floating rules with gateway routes that are set to "quick" ?

Title: Re: No internet connection after upgrade
Post by: remd on August 03, 2017, 06:29:07 pm

Thanks for the tip, I had a related issue with a VLAN after the update, and removing the "quick" from the floating rules made it work again...after a few min.

Title: Re: No internet connection after upgrade
Post by: franco on August 03, 2017, 06:42:49 pm

There is a patch mentioned in the release notes:

o A regression in floating rules in 17.7 does not honour the non-quick setting[5]. Run "opnsense-patch f25d8b" from the command line to correct this problem.

It will be part of 17.7.1.


Cheers,
Franco

Title: Re: No internet connection after upgrade
Post by: greY on August 03, 2017, 07:32:32 pm

Hi,

no, there are no floating rules defined.
WAN rules are: http://www.directupload.net/file/d/4803/ou9kk9em_png.htm
LAN rules are: http://www.directupload.net/file/d/4803/9b3r9z87_png.htm

This is how my WAN interface looks like: http://www.directupload.net/file/d/4803/zlm4792c_png.htm

The box itself has no internet connection too, I cannot apply those hotfix.

br, Alex

Title: Re: No internet connection after upgrade
Post by: remd on August 03, 2017, 07:38:48 pm

Quote from: franco on August 03, 2017, 06:42:49 pm

There is a patch mentioned in the release notes:

o A regression in floating rules in 17.7 does not honour the non-quick setting[5]. Run "opnsense-patch f25d8b" from the command line to correct this problem.

It will be part of 17.7.1.


Cheers,
Franco

Thanks but the patch didnt seem to work for me, I still have the same problem afterwards, one particular pc in a vlan should be able to access the firewall, it can't if I check "quick" and its a hit and miss if I uncheck, seems like the rules are not always applied in order?
I'll look more into it tomorrow, didnt mean to hijack this thread so I'll open a new one if needed.
EDIT: I left the "quick" on in the block rule, now that I removed it, it seems to treat the rules in order. The "quick" option however still doesnt seem to work

Title: Re: No internet connection after upgrade
Post by: greY on August 03, 2017, 08:17:22 pm

Is it possible to completely disable the firewall for testing?

*if I try to ping any host from the internet via local console, I get "No route to host"
Are there maybe some standard routes missing?