"
Thx Maurice ! That was what fixed it. I was still using the automatic setting. Just added a NAT rule for my 10.34.0.0/16 subnet and it worked !
with kind regards,
Marcel Tempelman
with kind regards,
Marcel Tempelman
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#1
19.1 Legacy Series / Re: OPNSense behind ISP Modem; all traffic blocked
April 23, 2019, 07:26:40 PM #2
19.1 Legacy Series / OPNSense behind ISP Modem; all traffic blocked
April 22, 2019, 07:57:45 PM
Hello all,
I have the following setup:
Internet -- ISP modem -- OPNSense -- l3 switch
ISP modem - OPNSense subnet : 192.168.178.0/24 (.1 <-> .252)
OPNSense -- L3 Switch 10.34.10.0/24
L3 Switch - 10.34.0.0/16 (several VLANs).
I've added FW rules to allow 10.34.0.0/16 (added routing and gateway too) to any but traffic gets blocked by "Default Rule". I've made it more specific by adding /24 subnet rules but traffic stays blocked. I've searched through OPNSense and PFSense posts but I cannot get a right answer why something pretty obvious gets blocked. Am I missing NAT rules (it's double NAT, yeah not perfect but it works)? I've disabled blocking RFC1918 en bogon networks.
At the moment I use an ASA 5505 and that works but as soon as I switch the default route to the OPNSense FW (on the L3 switch) the logs fill up with block spam.
I must be overlooking something but I do not see it at the moment.
With kind regards,
Marcel Tempelman.
I have the following setup:
Internet -- ISP modem -- OPNSense -- l3 switch
ISP modem - OPNSense subnet : 192.168.178.0/24 (.1 <-> .252)
OPNSense -- L3 Switch 10.34.10.0/24
L3 Switch - 10.34.0.0/16 (several VLANs).
I've added FW rules to allow 10.34.0.0/16 (added routing and gateway too) to any but traffic gets blocked by "Default Rule". I've made it more specific by adding /24 subnet rules but traffic stays blocked. I've searched through OPNSense and PFSense posts but I cannot get a right answer why something pretty obvious gets blocked. Am I missing NAT rules (it's double NAT, yeah not perfect but it works)? I've disabled blocking RFC1918 en bogon networks.
At the moment I use an ASA 5505 and that works but as soon as I switch the default route to the OPNSense FW (on the L3 switch) the logs fill up with block spam.
I must be overlooking something but I do not see it at the moment.
With kind regards,
Marcel Tempelman.
Pages1
