Messages

1

18.7 Legacy Series / Re: UDP Broadcast blocked on in-active Interface

« on: August 23, 2018, 08:28:24 pm »

SOLVED !!!

Seems to have been some weird ARP issue - all switches and & opnsense have been rebooted - now no more bad packets on wrong interfaces

THANKS forum!

2

18.7 Legacy Series / Re: UDP Broadcast blocked on in-active Interface

« on: August 23, 2018, 08:02:00 pm »

hey marjohn56

thanks for your answer. Mabye I am not laying it out right:

the broadcast message blocked:
LAN   Aug 22 20:27:57   10.77.1.238:50508   255.255.255.255:10001   udp   Default deny rule

is arriving in on the wrong interface: 10.77.1.0/24 net is assigned to OPT1_VLAN_77 and not the physical LAN interface which of course does not have a VLAN assigned (not possible - or I am starring at the wrong tree in this forrest).

I cannot create a rule for this (wrong netowrk on wrong interface) or assing the LAN to that nework.

3

18.7 Legacy Series / Re: UDP Broadcast blocked on in-active Interface

« on: August 22, 2018, 09:28:09 pm »

The LAN Interface is assigned yes - but not enabled as such, as I only need interfaces with vlans configured. everything else is working though, just not the broadcast.

Is is recommended to have the parent Interface active when just working with interfaces based on vlans?
Does it need to be in a specific vlan? Or can I just assign an unused network like 192.168.1.0 and be done with it?

thanks again

4

18.7 Legacy Series / Re: UDP Broadcast blocked on in-active Interface

« on: August 22, 2018, 08:41:38 pm »

And forgot to mention it - of course I cannot create a corresponding fwl rule cause the interface ain't there ...

5

18.7 Legacy Series / Re: Need help setting up vlans with OpnSense and Cisco Switch.

« on: August 22, 2018, 08:36:50 pm »

either use 2 seperate interfaces on your firewall or create vlans on the firewall - the physical interface i.e. LAN then transports vlan 10, 20, 30 (example) - cisco switch port must be configured as trunk though (allow all vlans through) - all other ports must be so called "access ports" on specific vlans i.e 10 or 20 or 30.

on the firewall just have dhcp running for each network on each vlan

vlan 10   10.1.10.0/24  default gw (interface of fwl) 10.1.10.254   dhcp range 10.1.10.1-100
vlan 20   10.1.20.0/24  default gw (interface of fwl) 10.1.20.254   dhcp range 10.1.20.1-100

and so on

6

18.7 Legacy Series / UDP Broadcast blocked on in-active Interface

« on: August 22, 2018, 08:33:12 pm »

Hi Forum

Background: went from a smoothly running Monowall to Opnsense . Having following issue though:

3 x VLANs all running on the physical LAN Interface which itself is not active of course.
BUT - it seems that broadcast get block on the LAN Interface itself:

LAN   Aug 22 20:27:57   10.77.1.238:50508   255.255.255.255:10001   udp   Default deny rule

Bug or Feature?

Goal would be to use 3 vlans for 3 subnets wich different rules and wifi networks, this on a switch port (trunk) which forwards all 3 vlans --> all working allright - just the broadcast.

Should I enable the LAN again within the vlan that the device resides in? Little lost here.

Thanks!
phab