Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - asood

Pages1
#1
18.7 Legacy Series / Re: static route on WAN Interface with default route not working
March 05, 2019, 02:46:54 PM
I ran into a similar problem and the solution for me was to create another firewall rule
to allow from the lan subnets
with the destination subnet of the static route
via the desired gateway of the static route.

And it must be applied before the default lan to wan via default gateway rule.
#2
General Discussion / Re: adding static routes for a network so it can see the internet
March 05, 2019, 02:44:36 PM
I ran into a very similar problem.

I finally figured out why it didn't work. I was missing the step of adding a firewall rule which is applied before the default lan to wan via default gateway rule. I don't know if I just missed it or it isn't included in the documentation.
So the solution for me was to create another firewall rule
to allow from the lan subnets
with the destination subnet of the static route
via the desired gateway of the static route.

And it must be applied before the default lan to wan via default gateway rule.
#3
General Discussion / Re: Static Routes Not Working
March 05, 2019, 02:36:30 PM
Hello. I finally figured out why it didn't work. I was missing the step of adding a firewall rule which is applied before the default lan to wan via default gateway rule. I don't know if I just missed it or it isn't included in the documentation.
So the solution for me was to create another firewall rule
to allow the lan subnets
with the destination of the static route
via the desired gateway
and it must be applied before the default lan to wan via default gateway rule.
#4
General Discussion / Re: Static Routes Not Working
March 04, 2019, 10:21:08 PM
Unfortunately, the static routes set through ssh stopped working after a reboot  :(

With the WAN interface set to use DHCP, the static routes set through the web interface work perfectly.
However, if the WAN interface is set with a static IP and manual gateway, the static routes do NOT work.
I'm at the end of my skills and patience. This is a very simple set up which should just work.
Does anyone know how to get the static routes to work with the WAN interface set with a static IP and manual gateway (instead of DHCP)?

A Sood
#5
General Discussion / Re: Static Routes Not Working
March 04, 2019, 09:42:23 PM
I got it the static routes to "stick", but it really seems like a hack which shouldn't be necessary.
No matter what I did or tried through the web interface, the static routes just would not take. I tried different combinations of the gateways with default enabled or disabled, different settings for the WAN interface...

Finally, the way I got the static route to take was by ssh into the OPNsense and then create a route
(route add -net 1.1.1.0/24 2.2.2.2^ where 1.1.1.0/24 is the destination subnet and 2.2.2.2 is the gateway).

Note: the gateway (2.2.2.2) must not be set through the web interface.

Hopefully, this will help anyone else with the same issue.

Has anyone else run into the same problem and have an explanation as to why?

A Sood
#6
General Discussion / Re: Static Routes Not Working
March 04, 2019, 06:51:35 AM
Hello. It's just a basic static route; not policy based routing or port forwarding.
#7
General Discussion / Static Routes Not Working [SOLVED]
March 03, 2019, 01:20:46 AM
Hello. I've been using OPNsense for about a month now.
I have a very standard set up with only two interfaces (inside & outside);
and the standard firewall rules (to allow traffic from in to out with NAT).

Everything works fine, but I can't get the static routes to work.
I followed the documentation - created a new gateway - and then simply created a static route on the WAN/outside interface pointing to the next hop for the unique destination network.
It's a very simple and basic step, but it doesn't work.
I'm running the latest release (OPNsense 19.1.2-amd64).

When I run a traceroute from a host on the inside network for a device on the destination network which the static route is for, it still goes through the default gateway.

When I ssh into OPNsense, netstat -rn, the routing table is correct - it shows the new static route.
However, even from ssh, I can't ping a device via the static route.

I don't know if I am missing something very simple or the OPNsense routing isn't working properly.
I'd appreciate it if someone else could test the static routing and confirm that it is or isn't working properly.
Can anyone do that?

Also, if anyone else has come across this problem and figured it out or not, it would be a big help if you could post your experience.

Thanks in advance,
A Sood

=== Solution for anyone else who is new to OPNsense and runs into the same problem ===

So the solution for me was to create another firewall rule
to allow from the lan subnets
with the destination subnet of the static route
via the desired gateway of the static route.

And it must be applied before the default lan to wan via default gateway rule.
Pages1