Messages - almador

#1
Small update: the issue still exists, but I notice something else.
When doing a traceroute to the IP address of the firewall, the first hop is the firewall, but there are also a second hop and a third hop (WAN addresses).

The client and the firewall are in the same subnet, 10.10.10.0/23.
#2
21.1 Legacy Series / LAN client to second gateway
June 24, 2021, 10:06:18 PM
Hi all,

I'm quite stumped with a stupid problem.
My unit has 2 WAN connections and thus 2 gateways.

Now I want to force traffic from a specific lan client to go over the second gateway.
So I created an alias containing the IP of the client and then:

Fw rules - LAN_1 - new rule - pass (quick) - src the alias - destination any - port any - gateway the second gateway

This results in the client's WAN IP address being that of the second gateway, and I can ping 1.1.1.1, BUT I lose the connection to the OPNsense LAN IP, which is also my DNS, so there is no name resolution.

What does work:

Fw rules - LAN_1 - new rule - pass (quick) - src any - destination WAN server address - port any - gateway the second gateway

But that doesn't solve my issue, because I want all traffic from that client to go over the second WAN connection.

Any ideas?
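Added illustration (not from the poster or from OPNsense): a first-match ("quick") rule evaluator showing why a policy-routing rule with destination "any" also captures traffic to the firewall's own LAN address, and how placing a no-gateway rule for LAN destinations above it keeps DNS to the firewall on the default route. The LAN 10.10.10.0/23 comes from the posts; the firewall IP 10.10.10.1 and client IP 10.10.10.50 are constructed.

```python
from ipaddress import ip_address, ip_network

# Constructed values: LAN from the posts, firewall and client addresses assumed.
LAN_NET = ip_network("10.10.10.0/23")
FIREWALL_IP = ip_address("10.10.10.1")   # OPNsense LAN IP, also the DNS server
CLIENT_IP = ip_address("10.10.10.50")    # the client in the alias
CLIENT_ALIAS = ip_network("10.10.10.50/32")


def in_selector(selector, addr):
    """'any' matches everything; otherwise the address must be in the network."""
    return selector == "any" or addr in selector


def pick_gateway(rules, src, dst):
    """First-match evaluation, as with 'quick' rules: the first matching pass
    rule decides. Returns the forced gateway, 'default' for the routing table,
    or 'blocked' when no pass rule matches (implicit default deny)."""
    for rule in rules:
        if in_selector(rule["src"], src) and in_selector(rule["dst"], dst):
            return rule.get("gateway", "default")
    return "blocked"


# Ruleset as described in the post: src = client alias, dst any, gateway WAN2,
# followed by the usual LAN-to-any allow. Packets from the client to the
# firewall's own LAN IP also hit the first rule and are pushed out via WAN2.
BROKEN = [
    {"src": CLIENT_ALIAS, "dst": "any", "gateway": "WAN2"},
    {"src": "any", "dst": "any"},
]

# Fix: a pass rule for LAN destinations with no gateway set, placed above the
# policy-routing rule, so local traffic (including DNS to the firewall) stays on
# the default route while everything else from the client leaves via WAN2.
FIXED = [
    {"src": CLIENT_ALIAS, "dst": LAN_NET},
    {"src": CLIENT_ALIAS, "dst": "any", "gateway": "WAN2"},
    {"src": "any", "dst": "any"},
]
```

The same exemption can be expressed as a negated destination ("not LAN net") on the policy-routing rule itself; the evaluator above models only the ordering approach.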
#3
Hi All,

I ran into a problem that I can't find a solution to.

Overview net:
LAN: 10.10.10.0/23
WAN: static ip
IPSEC Mobile W LAN: 10.10.60.0/24

Set up mobile IPsec with the guide provided in the wiki.
Connection works fine, I can ping from IPsec to LAN range and the other way around.

On iOS, I have working internet; in other words, only LAN traffic is sent over the tunnel.
On Android (9) I have working tunnel traffic, but when trying to go outside the IPsec/LAN range everything gets blocked.

After checking the NAT Outbound page, I saw that the IPsec range was not there.
So I changed to hybrid mode and set up the following rule. I found the advice in another thread, but there is still no traffic.

Link to image: http://prntscr.com/nbqlp8

The traffic test is done with a ping to 1.1.1.1 and by requesting an HTTP page.

PS: 10.10.61.0/24 is used for OpenVPN, so no typo there.