Messages - gica78r

#1
18.7 Legacy Series / Re: install Firewalla in opnSense
January 24, 2019, 05:29:04 PM
Hi! I don't think you can install Firewalla on an OPNsense box. On the Firewalla GitHub repo you can find instructions to install it on a Raspberry Pi on top of Raspbian Jessie. A few months ago I tried to install it on the latest Raspbian (Stretch) but the installation failed.

Regards,
Gica
#2
18.7 Legacy Series / Dual wan setup not working
January 22, 2019, 11:00:12 PM
Hi everyone. This is my first post on the forum but I can't find an answer in older posts.

I'm experiencing a strange issue. This is my setup:

Software: OPNsense 18.7.10_3-amd64
Hardware: PC Engines APU 1d4
Wan configuration

  • wan1: pppoe0 (re2_vlan666)
  • wan2: pppoe1 (re2_vlan667)

So my two gateways are configured over two logical vlan interfaces, both with pppoe. I have a gateway group called WAN, where wan1 is the main gateway (tier 1), while wan2 is the backup gateway (tier 2). The DNS servers are configured in the right way, one server per gateway (I'm using OpenDNS servers: 208.67.220.220 and 208.67.222.222). To monitor the status of the gateway I'm using Google's DNS server addresses (8.8.8.8 and 8.8.4.4).

Issue description: if both gateways are online, all works fine and wan1 is the default route:
root@apu:~ # netstat -r
Routing tables

Destination        Gateway            Flags     Netif Expire
default            192.168.100.1      UGS      pppoe0
8.8.4.4            10.4.55.92         UGHS     pppoe1
8.8.8.8            192.168.100.1      UGHS     pppoe0

....
....
208.67.220.220     10.4.55.92         UGHS     pppoe1
208.67.222.222     192.168.100.1      UGHS     pppoe0


If the main gateway goes offline, the backup link works for a few seconds (I can see my public ip change) and then the firewall stops forwarding traffic; the second gateway stays online, but the firewall misses a default route:

root@apu:~ # netstat -r
Routing tables

Internet:
Destination        Gateway            Flags     Netif Expire
8.8.4.4            10.4.55.92         UGHS     pppoe1
....
....
208.67.220.220     10.4.55.92         UGHS     pppoe1


This issue happens both with active/standby wan links and active/active (load balancing) wan links. I tried to configure one of the gateways as the default one, but nothing changed.

Is it possible that this issue is due to the fact that I'm using two logical interfaces on the same physical interface for the wan links? Has anyone had the same problem?

Thank you in advance!