Messages - arch113

#1
After some tinkering with my rules, I found out the Alias wasn't the problem.  I have 2 rules, one called General Access and one for VOIP; each Alias has a list of IPs that can access the internet, rule set to allow all outbound.  Where the 2 rules differ is 'Set Priority'.  On VOIP I had it set for VOIP(5) on both settings, General Access was set to Best Effort(0).  And the rules have worked just fine until the 23.7.7_3 upgrade.

Once I changed both rules to the default 'Keep Current' and 'Use main', traffic seems to be flowing again.
#2
Sorry, it's been a while.

When this was working, I had the default allow-any-outbound disabled.  We do not allow all IPs to access the internet.  I created an Alias with a list of ~30 host IPs.  Copied the allow any rule and changed the source to the Alias, and this has worked until the above update.

If I disable my alias rule and enable the default allow any rules, I get internet back to my devices, but I don't want that, I want it to work the way I had it with the list of IPs.
#3
Quote from: Seimus on November 02, 2023, 10:09:38 AM
As advised by @misterjaytee check that section first.

It's most probably either a routing issue or a rule issue (maybe NAT as well).

1. Check your route table
2. Check your rules
3. Go to Firewall > Log file > Live view and show us what is happening the moment you ping
A. Is LAN Ingress allowing ping to 8.8.8.8
B. Does the OPN nat the source IP and do you see egress allow towards the 8.8.8.8?

Regards,
S.

Gateway looks good, tried disabling/enabling and unchecking/checking the primary gateway box.


1. Looks normal
2. Looks normal (hasn't been changed in a while)
3.  LAN      2023-11-02T17:34:31-05:00   192.168.1.108   8.8.8.8   icmp   Default allow LAN to any rule
    I see the above in green in live log
    I have NAT set to Auto

All of this worked until the last update, I haven't made any changes otherwise.
#4
Quote from: misterjaytee on November 01, 2023, 08:04:27 AM
Look at this thread:
https://forum.opnsense.org/index.php?topic=36688.msg179207


If your WAN side is PPPoE, then go to System -> Gateways -> Single. Edit your WAN_PPPOE connection and make sure that Upstream Gateway is checked. Don't forget to click Save.

This lets OPNSense know that this is your default gateway.

Not using PPPOE
#5
Quote from: cookiemonster on October 31, 2023, 05:39:10 PM
Patch for what? Seems a configuration problem.

Config has been working until the patch was installed, I did not make any changes.
#6
I'm not using Unbound DNS on the firewall.  I think I have NAT set to automatic, but I will play around with it when I get home.  I hope there is a patch coming out that fixes it; I had to disconnect the WAN from the firewall and plug it into an ASUS router so I can have some connectivity at home.
#7
WAN is 2gb fiber, ONT into 2.5gb Ethernet port on firewall (which is running virtually in Proxmox)
LAN= 10.1.x.x
OpenVPN= 192.168.x.x

Firewall itself has connectivity, it can check for updates, ping 8.8.8.8, etc.

I can VPN into my system via separate internet connection and while on that connection can access the internet, ping 8.8.8.8, etc.

LAN side has no connectivity to the internet. It can't ping 8.8.8.8 (can ping the firewall and access the web GUI).  TraceRt stops once it hits the firewall.

Of course this all worked before the update; seems weird I can VPN in, and it works just fine (and I can see my LAN side).

#8
Samsung Galaxy S7 and Note 5, connected via wireless.  Can't download from Google Play, Facebook might update, might not, and Pandora won't get past the buffering.  On PC everything seems to be working fine (including Pandora, and Pandora works on Amazon's Alexa).  I have turned off everything (IDS, Proxy, etc.), and have the default rule of allowing everything outbound.  I am running the latest production updates as of 5/19/2016.

Any ideas why the phones (which work fine connected to 4G or other wifi networks) would have connection problems but the laptops (connecting to the same wireless) don't?