Messages

Yes, the Rule is under the VLAN interface in the Firewall>Rules> VLAN.

What I noticed in live view is that only tcp S flags (SYNC) are allowed while A (ACK) are being blocked.

On server side (it's Proxmox server with 3 vlans configured 70, 71, 99 via one NIC bridge) when I ssh from client in VLAN70 to server IP address in VLAN70 everything is ok, but the issue occurs when reaching VLAN99 proxmox address from VLAN70. Here are 2 sessions, the first one works fine, the second is frozen:

Code Select Expand


# netstat -pant | grep ssh
tcp        0      0 192.168.70.10:22        192.168.70.103:34538    ESTABLISHED 2257291/sshd: root@
tcp        0   3604 192.168.99.10:22        192.168.70.103:54188    ESTABLISHED 2254739/sshd: root@


There's an arp table for my proxmox attached below. As I'm not network expert, please let me know what outputs and commands could be valuable for diagnosing the problem.

Yes I did. Unfortunately it didn't help.

Hello. I have several vlans. I want to allow vlan70 to access a host in a vlan99 over ssh. Sounds easy so I created a rule (img1).

I tried to ssh to the host from vlan70 to vlan99 and it worked, but ssh connection freezes after a few seconds. Opnsense live view log attached as img2.

So at first my rule allows to connect, but after several seconds auto-generated rule "Default deny / state violation rule" (img3) blocks the traffic. Why is it so?

The same issue:
https://forum.opnsense.org/index.php?topic=27706.0

The same issue:
https://forum.opnsense.org/index.php?topic=27592.0

I've got exactly the same problem. All working fine, nothing special in logs and suddenly reboot. Anybody has any clues how we can debug what causes the reboot? This also started happening after upgrade to 22.1 in my case.

I do confirm. When openvpn server is set up for a single interface only, unbound starts on boot without issues.

I have this problem too, and YES I have openvpn server running.

This is how it ended up:
https://github.com/opnsense/core/issues/2946#issuecomment-493452319

[DHCP Static Mappings]

Hi. I configured DHCP Static Mappings for an interface without providing IP address (only MAC + hostname). So I want the IPs to be assigned from the poool and DNS resolver to get the mappings and serve them but unfortunately it doesn't work. I've got  Register DHCP static mappings option checked under Unbound DNS -> General.
DNS resolution works fine when I add an IP address to DHCP Static Mappings but this is not the way I want to go.

As you can see on a screenshot, devices get leases but no hostname assignments.

The situation was described on Netgate forums:
https://forum.netgate.com/topic/125306/dhcp-static-mapped-hostname-to-dns-resolver-without-specifying-ip

People claim this might be pfSense bug, so maybe it was inherited by OPNSense.

Any clue how to get things work? Or maybe someone can confirm that this is a bug in fact.