OPNsense Forum

Archive => 17.7 Legacy Series => Topic started by: GasmanC on August 11, 2017, 12:29:59 pm

Title: Transparent bridge - unable to reach internet (nor GUI anymore)
Post by: GasmanC on August 11, 2017, 12:29:59 pm
Hi All,

I'm having a bit of a problem setting up a transparent firewall (eventually for IPS). I followed the instructions here: https://docs.opnsense.org/manual/how-tos/transparent_bridge.html and was able to create the bridge. I also added my upstream router (which provides DHCP) as a gateway and added that to the bridge settings. Initially I was able to log into the web GUI from desktops downstream of the firewall, but wasn't able to reach the internet. After a reboot, I was no longer able to reach the GUI from downstream desktops. I'm not sure what I've done wrong, but this has happened twice now. Is there anything different with 17.7, as the guide I'm following was originally for 15? I have searched for the answer and found this post: https://forum.opnsense.org/index.php?topic=5162.0 but so far I haven't been able to fix it. Any hints, tips or tricks I'm missing?
Many thanks

Title: Re: Transparent bridge - unable to reach internet (nor GUI anymore)
Post by: GasmanC on August 12, 2017, 04:21:44 pm
Managed to get it working on my third attempt. Found out what the culprit was - just don't know why. Turned out I couldn't connect after I added an upstream gateway as my router and added it to the Br interface. For some reason this broke everything and I was no longer able to connect to the GUI or reach the internet. Does anyone know why this happens?

Did a factory reset and followed the wiki to the letter and I have the transparent bridge configured. I removed all the rules from the WAN interface and added an allow all rule - this let me reach the internet from downstream devices.

HOWEVER..... whilst I can reach the internet from behind the OPNsense box, the box itself can't reach the internet. I can't update the firmware (could not find the repositories) and can't download the Suricata rulesets. From the console, if I ping google.com I can't resolve host, and if I ping 8.8.8.8 I get can't find route to host.

So, where do I go from here? Any way for my transparent bridge to reach the internet so I can download the Suricata rulesets?

Thanks in advance