OPNsense Forum

Archive => 17.7 Legacy Series => Topic started by: sepei on August 19, 2017, 11:21:43 am

Title: [SOLVED] Multi WAN Problem
Post by: sepei on August 19, 2017, 11:21:43 am
Hello,

I have some problems with an multi wan setup. I got 4 uplinks but on the firewall only the default gateway got access to the internet. If I route clients to different uplinks everything is working fine just the firewall self can't use the other gateways. I also tried to ping from the command line with all interfaces (ping -S) but still only the interface that is the default gateway got access to the internet.

I think the problem started with an upgrade to 17.7 before it worked fine. I use openvpn with the wan uplinks and now I can only use the interface with the default gateway the others can't connect to the serves
Title: Re: Multi WAN Problem
Post by: sepei on August 19, 2017, 11:33:12 am
This fixed it:
EDIT: ASSUMING YOU ARE ON 17.7

# opnsense-patch 0b38eff5f
# /usr/local/etc/rc.filter_configure

But what is this and why its working now?
Title: Re: Multi WAN Problem
Post by: franco on August 20, 2017, 11:30:51 am
We've changed the internal rule generation. Some multi-wan setups rely on suboptimal settings so that patch puts back a safeguard rule that forces traffic out the correct interface instead of following the system setup.

We will add this back with 17.7.1, maybe with an optional off switch as we are still positive about the direction of the effort.


Cheers,
Franco
Title: Re: [SOLVED] Multi WAN Problem
Post by: whitwye on August 21, 2017, 04:02:03 pm
Hi Franco,

Is the "suboptimal settings" thing documented somewhere, perhaps in the form of suggested optimal settings for a multi-wan setup?

Also, just tried the patch. It does not fix the problem I'm seeing: that WAN2 works fine, just until WAN1 has "Enable Interface" unchecked and applied. Of course, this isn't the same thing as WAN1 failing. But logically a working config for WAN2 shouldn't depend on WAN1 being enabled, shouldn't it? I'm open for any advice. I'd really like to get this working. I'm much impressed with the parts of OPNsense that work.

Thanks,
Whit
Title: Re: [SOLVED] Multi WAN Problem
Post by: franco on August 21, 2017, 06:09:00 pm
I posted this elsewhere already, but for the sake of persistency:

https://docs.opnsense.org/manual/how-tos/multiwan.html

Maybe the gateway monitoring is not set up correctly, so that disabling an interface doesn't switch? Ideally, let's not debug in a [SOLVED] thread as this is unlikely the same issue. :)


Thanks,
Franco