Messages

1

19.1 Legacy Series / Re: OPNSense behind ISP Modem; all traffic blocked

« on: April 23, 2019, 07:26:40 pm »

Thx Maurice ! That was what fixed it. I was still using the automatic setting. Just added a NAT rule for my 10.34.0.0/16 subnet and it worked !

with kind regards,

Marcel Tempelman

2

19.1 Legacy Series / OPNSense behind ISP Modem; all traffic blocked

« on: April 22, 2019, 07:57:45 pm »

Hello all,

I have the following setup:

Internet -- ISP modem -- OPNSense -- l3 switch

ISP modem - OPNSense subnet : 192.168.178.0/24 (.1 <-> .252)
OPNSense -- L3 Switch 10.34.10.0/24
L3 Switch - 10.34.0.0/16 (several VLANs).

I've added FW rules to allow 10.34.0.0/16 (added routing and gateway too) to any but traffic gets blocked by "Default Rule". I've made it more specific by adding /24 subnet rules but traffic stays blocked. I've searched through OPNSense and PFSense posts but I cannot get a right answer why something pretty obvious gets blocked. Am I missing NAT rules (it's double NAT, yeah not perfect but it works)? I've disabled blocking RFC1918 en bogon networks.

At the moment I use an ASA 5505 and that works but as soon as I switch the default route to the OPNSense FW (on the L3 switch) the logs fill up with block spam.

I must be overlooking something but I do not see it at the moment.

With kind regards,

Marcel Tempelman.