OPNsense Forum

English Forums => General Discussion => Topic started by: quirkyferret on April 10, 2018, 05:18:34 pm

Title: Setting up a DMZ, but traffic appears on the wrong interface
Post by: quirkyferret on April 10, 2018, 05:18:34 pm
I feel like I'm missing something obvious since I can't find much on this.

I'm trying to set up a DMZ. OPNsense is deployed on a Protectli 6-port router. Everything works for my LAN setup.

I have also set up an OpenVPN client, following the instructions here: https://forum.opnsense.org/index.php?topic=4979. Everything works okay with this too. The OpenVPN interface is named 'IVPN', and it shows as OVPNC2 in interfaces, with all 0 for the MAC address.

I enabled a new physical interface as DMZ and set it as 192.168.2.1/24. I configured the DHCP server for it, and then created rules for the interface, cloning the 'allow any to any' rules for the LAN to test (using 8.8.8.8 as the DNS provided, if that makes a difference).

I plug a device into the port, and I see the link go from down to up in the dashboard. I confirmed I'm pulling a DHCP address in the range, but I have no connectivity past the firewall. When I check the firewall logs, filtering for the IP of my test device, 192.168.2.101, I do see DNS traffic hitting the firewall, and showing as ALLOWED. However... it shows under the IVPN interface, not as the DMZ interface.

I've tested a few things: updating, deleting, rebooting, rebuilding, rebooting, and searched for tutorials on setting up DMZs. If I'm understanding it right, I don't need to create a gateway: none of the tutorials mention that, and I notice the LAN doesn't require one. It also states I don't need to create routes between different interfaces under the route tab. What am I missing?


I'm also assuming that my connectivity issues are the traffic showing up on the wrong interface, but I suppose it's possible these are two separate issues. Any help would be greatly appreciated.