Messages - mahmoux.xp

#1
Quote from: bigops on March 12, 2018, 04:26:32 PM
While installing OPNsense rules for the interfaces did you check the block bogon networks and private networks while creating the interface?  This will prevent inter-vlan communications since corporate VLANS are normally on private ranges.  Another thing that you can check would be to see if the port connecting to the Firewall is Trunk instead of access ports.

1- No, I didn't activate (Block Bogon/Private networks) on the LAN interface but activated them on the WAN and WAN 2 interfaces only (see the attached pictures)
2- This is the same port that was used by (opnsense 16, 17, tmg, sophos) and works great; only on opnsense 18 the issue appeared, making it impossible to use in my network
#2
Quote from: muchacha_grande on March 12, 2018, 11:28:40 AM
You should not use static routes to communicate to different subnets while they are directly connected to a router's interface.


I have an internal router that holds the vlans @ 192.168.1.1 with a static route that redirects any unknown IP (internet request) to the opnsense IP (192.168.1.20)
I made a gateway 192.168.1.1 and used it to add static routes in opnsense (see the picture)
This setup already works on ver. 16,7 and tmg and sophos
This setup simply doesn't work on ver. 18. Where is the issue?
#3
Quote from: elektroinside on March 12, 2018, 08:17:12 AM
Is there any possibility to reinstall v18 from scratch?

Thanks for your reply. Of course I did that but forgot to mention it, twice actually, once performed config after checking for updates and another performed config after before checking for updates. So far no success and no clue
and tried to modify any option related to vlans on opnsense but no success, but my vlans are on the core switch
I'm pretty sure my config is right as the same concept is working on previous versions and on other firewalls (tmg & sophos), so there is a big chance it is a bug or some option needs to be modified elsewhere
#4

Hi all
I have this setup
10 vlans 192.168.1.0/24 - 192.168.10.0/24
Core Switch 192.168.1.1 - 192.168.10.0
Opnsense (ver 16.x) 192.168.1.20
static route on core switch ip 0.0.0.0 sub 0.0.0.0 nxthop 192.168.1.20
opnsense was providing internet to its own sub-net only (192.168.1.0/24) and could not communicate with any vlans until I entered static routes for all my vlans and it worked like a charm for over a year
even after upgrading to version (17.x) it was ok
NOW after upgrading to version (18) back to zero
it can't communicate with any vlans AGAIN
I treble checked everything
recreated static route entries
disabled proxy and nat rules
only one firewall rule to allow any to any
but still can't give internet to users in other vlans except 192.168.1.0/24
Why did that happen or how can I fix it?
I downloaded sophos xg home and configured it with the same concept, and with my static routes, and it works great; even more, it has very nice web filtering policies and reporting, and it can block SSL websites without a certificate being installed for users, but it is still in test and I'm afraid of it

But I don't need to build another firewall from scratch
please help
#6
General Discussion / Re: Wan DHCP not renewing
February 23, 2018, 03:04:09 PM
For now make it static and make sure it's out of the router's DHCP range