Messages

Damn, I woke up this morning and I remembered i probably forgot to remove the flag "Disable Gateway Monitoring" after the re-configuration.
Today I'm not at work and I can't test it.
I'll do it the next week.
Thank you very much mimugmail for the support.

Sorry guys, but has anyone been testing multi wan on opnsense 18.1?
Just to understand if I'm the only one having troubles!

I made a factory restore and started form scratch.
My configuration, as describe before, is a gateway group with 2 gw:
  isp1 Tier 1 (also default gw)
  isp2 Tier 2.
  Trigger Level = Member Down

1) I mark down the gateway Tier 1:
    the isp1 gw status dosn't change (stay online).
   I get the same behaviour if I unplug the cable.

2) I mark down the gateway Tier 1:
    the isp2 gw status dosn't change (stay online).
   I get the same behaviour if I unplug the cable.

3) If I disable the isp1 gw, the connection gets corretly switched.

Please, may anyone test this "simple" scenario with 2 internet connection in fail over configuration.

Note: I also took care to set monitor ip different from the dns i set in system / settings / general.
Note 2: it behave the same also with "Trigger Level" Packet Loss.

I think the problem i repeatable.
I would like to open a bug report but it would be great if someone else can confirm it first.

[and]

Thank you for you reply.
I'd suggest to change the documentation then:

Example configuration

As DNS's and monitor ip's we will utilize google's DNS services 8.8.8.8 and 8.8.4.4

Do you agree?

Hi, I was wondering if using the same ip for dns and monitoring ip may cause problems.
I ask this because I'm testing pfsense as well and there are concerns about routes and monitoring ip.
https://forum.pfsense.org/index.php?topic=145739.msg792964#msg792964

Setting a particular address for a monitor causes the system to static route it through a particular gateway. Setting one of the system DNS servers to a particular gateway also causes the system to static route it. If you are not careful, you can cause the monitor to flap between two gateways. From your description, it sounds possible you have encountered this problem.

I know OPNsense share very little with pfsense but the logic may be the same.

I checked by myip.com, ping.eu and other sites that shows my public ip.
I also checked form by linux pc querying opendns directly by command dig (no possible browser cache related problem there).

I also tested the real world scenario unplugging cables.

When I unplug isp1/Tier1 cable, both gateway go down, connections doesn't work off course.
When I unplug isp2/Tier2 cable, on the right gw goes down and connection works.

Note: "Trigger Level" is set to "packet loss or high latency".
I noticed it may behave differently if I set "Trigger Level" to "member down".
I'll report back after few more tests.

I ask the same question on another way:
why matching only the DNS requests?
When I set WANGWGROUP as gateway in the lan rule, I can't ping OPNsense anymore.

I also notice that OPNsense reason in different way of linux based firewall:
a request for the firewall ip itself, on linux based fw is not going to be routed.

Second, when editing fw rules on OPNsense, I thought that selecting 'default' as gw, it was going to use the gateway marked as default.
Instead it means the firewall itself it seems.

Hi all, I successfully configured multi wan.
Now I'm playing with it to check if it works as I expected, and guess what...it doesn't  :D

My gateway group is named 'wangrp' and has 2 gateways
isp1 Tier 1 (this is te default gw)
isp2 Tier 2

On system / gateways / all I set 'Mark Gateway as Down' on the the gw isp1.
I check my ip by 'dig +short @resolver1.opendns.com myip.opendns.com' and also by sites like ping.eu and I still see the isp1 public ip.

I was expecting to see isp2 public ip.

I remove the flag 'Mark Gateway as Down' and aplly changes and check the publick ip.
Now both gateways are up so I expect to exit with isp1 but checking the publick ip, I see isp2 ip.
The exact opposite.
on Gateway / Status they are both online.

I repeated the procedure disabling the the isp1 gw instead of marking it down.
This time the connection is correctly router through isp2 gw.
I re-enable isp1 gw but I still get routed through isp2 gw (Tier 2) instead of isp gw (Tier 1).
Note: I disabled Sticky Connection' on firewall advanced settings.

Am I missing something?

[why]

Followinf the documentation, at step 5:

Add a rule just above the default LAN allow rule to make sure traffic to and from the firewall on port 53 (DNS) is not going to be routed to the Gateway Group that we just defined.

I don't undestrand why it's wrong to use the gateway group for dns queries instead of the default gw.
Could you explain it?

First of all, thank you for your quick replies.
Yesterday I was a bit in a hurry and didn't read carefully all instructions.
I also noticed I posted psSense documentation instead of OPNsense.
It's one of the first google search results looking for 'opnsense reset password'.

Since 18.1 there is a password reset tool in the installer image as well.

Nice tool.
Correct me if I'm wrong, it's not yet documented right?

I did it.
leaving the default password works.

Btw, it's a bit confusing when the wizzard asks about Admin password.
Honestly I confued it as the name to use log in (I also tried with root tough).

Hi all, I have a fresh installed opnsense 18.1 serial.
I want to try to reset the password.
Reading the documentation

If the password for the system has been forgotten it can be reset easily with console access. Get to the physical console (Keyboard/Monitor, or Serial) and use option 3) to reset the WebGUI password.

Sound pretty easy but I see the login prompt instead of the menu the guide speaks about.

I don't think it's a keyboard layout problem.
When i ran the wizzard form live, I type the password in my browser, so there's no possibility to have the wrong key.
Nonetheless, to be even more suer, the second time I run the wizzard, I typed the password on my text editor, then copy/pasted it.

When I run the installer, I selected my keyboard layout (it).
So it should be fine.
The password I inserted was pretty simple: no symbols, number, upper case.

I also tried installed it on the hard drive (user installer and password opnsense).
After the first boot and wizzard, I have the same problem: can't login with admin, Amin, root.

Hi, I just downloaded opnsense amd64 serial and flashed it on a usb pen drive.
I booted and alix and logged in 192.168.1.1 ad root opnsense.
I followed the wizard.
I changes the lan and wan ip address and the admin password.
I opned the web interface from the lan ip but I can't login with user 'admin' and my new password.
I repeated this two times.

Any idea?