OPNsense Forum
Archive => 17.7 Legacy Series => Topic started by: PeterESutton on December 31, 2017, 06:35:54 pm
-
I have struggled to get my head around OPNsense which I am looking at for routing between subnets and controlling access to Internet.
I have eventually got a subnet on the inside accessing the internet and to another inside subnet.
Now I want to remove the NAT going out to the WAN since the WAN connects to an ISP router also doing NAT. So I turn off outbound NAT.
I now cannot get to the Internet. I cannot ping the ISP router.
I was wondering whether issue is routing so added RIP for all subnets. Do I have to manually add a route onto the ISP router to say go to my OPNsense box for the following subnets ... . Or is it something else I am doing? Any help or examples or documents explaining this process would be welcomed.
Thank you,
Peter
-
Routing protocols do only work if all routers can receive all routes - which means your ISP router needs to understand RIP. In your case, Your ISP router only needs static routes for the networks behind OPNsense - Routing protocols are for bigger setups.
-
Thank you very much. This is what I thought. I do not think my ISP supplied router allows the addition of routes -
have looked and have searched. So will stay with double-NAT. Resigned to the fact that if I need to alter this looks like I will have to upgrade the ISP-supplied ADSL router/modem device to something a bit more sophisticated. Peter
-
If you only need ADSL+ and not VDSL, I've found the TP-Link TD-8616 to work well with OPNsense and PPPoE. It is out of production unfortunately.
Using only the ADSL modem makes things a lot simpler on the firewall.
Bart...
-
Draytek xDSL modem:
https://www.draytek.de/vigor130.html
There is an older model without vDSL, DrayTek vigor120(b), but to be ready for vDSL I'd take the newer one.
The 130 is in fact a little router, but can be put into a pure bridged modus.