OPNsense Forum
Archive => 18.1 Legacy Series => Topic started by: overopn on April 23, 2018, 01:42:54 pm
-
Hi, this is a new setup running on a VM (Xenserver) with 2 NICs.
I have setup one for WAN, one for LAN. From my LAN, I'm unable to access internet (ping 8.8.8.8 fails).
I have same setup running a fresh install of pfsense, have similar problem. I needed to add a firewall LAN rule to LAN net to access to get it working on pfsense.
pfsensefirewall.jpg (https://filedn.com/l3TGy7Y83c247u0RDYa9fkp/temp/pfsense/pfsensefirewall.jpg)
I see OPNSense have setup that rule automatically (nice), but the firewall logs shows it passes (e.g. 10.0.0X)
opnsense1.jpg (https://filedn.com/l3TGy7Y83c247u0RDYa9fkp/temp/pfsense/opnsense1.jpg)
opnsense2.jpg (https://filedn.com/l3TGy7Y83c247u0RDYa9fkp/temp/pfsense/opnsense1.jpg)
opnsense3.jpg (https://filedn.com/l3TGy7Y83c247u0RDYa9fkp/temp/pfsense/opnsense1.jpg)
-
It looks like your XEN is behind another firewall? If so, in Interfaces/WAN make sure "Block private networks" isn't enabled.
-
It's behind another router. Nope "Block private network" is unchecked.
The same setup works with pfsense VM fine, and both are fresh setup. I configured the same way as pfsense.
-
I need to manully add NAT outbound rule to any to get it to work. The auto generated rule does not allow it.
-
I am new to Opnsense(PFSENSE user for many years) and am running OPNsense-18.1.6-OpenSSL-vga-amd64.img.bz2. From what I can tell all is setup correctly but my lan is not able to access the Internet. Following is what I have done:
1) From the Interface diags I can ping an address on the Internet.
2) From my lan workstation I can resolve a DNS name but I cannot ping, nor bring up a webpage.
3) Ran a packet capture on the Lan and see the attempt. Ran a capture on the WAN, filtering on the Internet destination address, and I see no packets.
I'm thinking this means my private addresses are not being natted? How else can I isolate why this is happening?
Thank you.