24.1 Production Series / Connections are disappearing in firewall
« on: February 02, 2024, 08:56:12 am »
I got a few virtual machines. All these machines are running in their own VLAN. Those VLANs should all be separated from each other, so I installed a floating rule which blocks all requests in direction "out" with the destination <alias for all VMs>. I also allow all VMs to establish connections in the direction "in" to any destination.
I also got a rule that allows ICMP in the direction "out" with the destination <alias for VMs> and a rule that allows SSH in the direction "out" with the destination <alias for VMs>. Those should be all relevant floating rules; I also got some interface-specific rules for the different functionalities of the VMs.
My problem: this setup works with 4 out of 5 virtual machines. I can ping them, I can connect to them via SSH, but with one machine nothing works. Interestingly, this machine also can't connect to the internet, although it should be able to do this. The other machines can connect to the internet.
I can ping this VM using the diagnostic tools in the firewall and vice versa. But all connections from my laptop only reach the OPNsense. When I look into the "live view", I can see the connections in the direction "in" to the firewall, but no matching connections "out".
What am I doing wrong here? I look forward to any answer!
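To reason about a floating ruleset like the one in the post, it helps to model how the rules are matched for each direction. The following is an added example (not from the original post or from OPNsense itself): a small pf-style evaluator with the four floating rules described above, using constructed VM subnets and a constructed laptop address, and assuming a rule order that the post does not state. It also shows the case of an address that the alias does not cover, where no floating rule matches in either direction and the decision falls through to the interface rules.

```python
import ipaddress

# Constructed sample: five VM subnets, one per VLAN, collected in the VM alias.
VM_ALIAS = ["10.10.1.0/24", "10.10.2.0/24", "10.10.3.0/24",
            "10.10.4.0/24", "10.10.5.0/24"]
ANY = "any"

def in_alias(ip, nets):
    """True if ip is covered by the alias (a list of networks) or the alias is 'any'."""
    if nets == ANY:
        return True
    return any(ipaddress.ip_address(ip) in ipaddress.ip_network(n) for n in nets)

# Floating rules as the post describes them; the order is an assumption.
# OPNsense evaluates floating rules before interface rules; a "quick" rule wins
# on first match, a non-quick rule only wins if no later rule matches.
# Fields: action, direction, proto, source, destination, quick
FLOATING = [
    ("pass",  "in",  "any",    VM_ALIAS, ANY,      True),  # VMs may connect anywhere
    ("pass",  "out", "icmp",   ANY,      VM_ALIAS, True),  # ICMP towards VMs allowed
    ("pass",  "out", "tcp/22", ANY,      VM_ALIAS, True),  # SSH towards VMs allowed
    ("block", "out", "any",    ANY,      VM_ALIAS, True),  # anything else towards VMs blocked
]

def evaluate(rules, direction, proto, src, dst):
    """Return (action, rule_index) of the winning rule, or None when no floating
    rule matches and the decision falls through to the interface rules."""
    last = None
    for i, (action, rdir, rproto, rsrc, rdst, quick) in enumerate(rules):
        if rdir != direction or rproto not in ("any", proto):
            continue
        if not in_alias(src, rsrc) or not in_alias(dst, rdst):
            continue
        if quick:
            return action, i
        last = (action, i)
    return last

def trace(rules, proto, src, dst):
    """A forwarded packet is evaluated twice: 'in' on the ingress interface and
    'out' on the egress interface. Return the winning rule for both."""
    return {"in": evaluate(rules, "in", proto, src, dst),
            "out": evaluate(rules, "out", proto, src, dst)}

if __name__ == "__main__":
    laptop, vm5, stray, web = "192.168.1.50", "10.10.5.10", "10.10.9.10", "93.184.216.34"
    print("laptop -> VM5 ssh  :", trace(FLOATING, "tcp/22", laptop, vm5))
    print("laptop -> VM5 https:", trace(FLOATING, "tcp/443", laptop, vm5))
    print("VM5 -> internet    :", trace(FLOATING, "tcp/443", vm5, web))
    print("laptop -> stray VM :", trace(FLOATING, "tcp/22", laptop, stray))
```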