Messages

Ok, never mind. I feel so stupid. But maybe writing down the issue made me realize something. Since I could ping the Velop router, but not the internal network, it came to me that the OPNsense firewall is configured correctly.

Apparently the Velop router has some own internal firewall that blocks this kind of traffic. Disabling it solved my issue.

Hi,

I'm trying to setup access from my LAN to my WiFi, but I seem to have issues in getting it to work the way I want. First let me explain my setup. I have OPNsense running on dedicated hardware. WiFi is handled by a Linksys Velop Mesh solution. This has it's own separate network, though it's wired connection uses the OPNsense box to get it's internet connection.

My LAN is in the IP range 172.16.0.0/24, WiFi is 10.1.0.0/24. On OPNsense I've configured a wireless interface (OPT3) using infrastructure mode and put it in the WiFi network. It's IP address is 10.1.0.10. The Velop router has 10.1.0.1 and the device I need to reach from my LAN has 10.1.0.123.

If I login to the shell of OPNsense I can ping both my Velop and the actual device I need to reach in the end. However, if I check from a client that has only a LAN interface I can ping the Velop router, but not the 10.1.0.123 host.

In the OPNsense firewall rules I've created a rule for the LAN interface that allows all traffic from 'LAN net' to 'OPT3 net' and for OPT3 I've created the rule the other way round.

I'm probably overlooking something here, but I just can't seem to pinpoint what I'm missing. If it were possible to attach a WiFi module to the final client that would also solve it, but that seems to be impossible.

I'm running OPNsense 22.7_4-amd64.

If anyone can point me in the right direction that would be greatly appreciated.

Hi,

For some reason NTP does not work on my OPNsense box. When I try to start it, it just immediately dies again. I'm using the default setup as shipped with OPNsense.

In /var/log/ntpd.log I get this:

Code Select Expand


Aug 31 13:06:33 OPNsense ntpd[60103]: ntpd 4.2.8p13@1.3847-o Mon Aug 26 00:49:49 UTC 2019 (1): Starting
Aug 31 13:06:33 OPNsense ntpd[60103]: Command line: /usr/local/sbin/ntpd -g -c /var/etc/ntpd.conf -p /var/run/ntpd.pid
Aug 31 13:06:33 OPNsense ntpd[5695]: proto: precision = 0.227 usec (-22)
Aug 31 13:06:33 OPNsense ntpd[5695]: basedate set to 2019-08-14
Aug 31 13:06:33 OPNsense ntpd[5695]: gps base set to 2019-08-18 (week 2067)
Aug 31 13:06:33 OPNsense ntpd[5695]: restrict: 'monitor' cannot be disabled while 'limited' is enabled
Aug 31 13:06:33 OPNsense ntpd[5695]: Listen and drop on 0 v6wildcard [::]:123
Aug 31 13:06:33 OPNsense ntpd[5695]: Listen and drop on 1 v4wildcard 0.0.0.0:123
Aug 31 13:06:33 OPNsense ntpd[5695]: Listen normally on 2 igb3 10.0.0.10:123
Aug 31 13:06:33 OPNsense ntpd[5695]: Listen normally on 3 igb3 [fe80::4262:31ff:fe00:3a51%4]:123
Aug 31 13:06:33 OPNsense ntpd[5695]: Listen normally on 4 igb3 [fdd0:609d:e6ae:0:4262:31ff:fe00:3a51]:123
Aug 31 13:06:33 OPNsense ntpd[5695]: Listen normally on 5 igb3 [2001:980:5fb6:1:4262:31ff:fe00:3a51]:123
Aug 31 13:06:33 OPNsense ntpd[5695]: Listen normally on 6 lo0 [::1]:123
Aug 31 13:06:33 OPNsense ntpd[5695]: Listen normally on 7 lo0 127.0.0.1:123
Aug 31 13:06:33 OPNsense ntpd[5695]: Listening on routing socket on fd #28 for interface updates
Aug 31 13:06:33 OPNsense ntpd[5695]: mlockall(): Cannot allocate memory
Aug 31 13:06:33 OPNsense ntpd[5695]: kernel reports TIME_ERROR: 0x4041: Clock Unsynchronized
Aug 31 13:06:33 OPNsense ntpd[5695]: 0.0.0.0 c01d 0d kern kernel time sync enabled
Aug 31 13:06:33 OPNsense ntpd[5695]: kernel reports TIME_ERROR: 0x4041: Clock Unsynchronized
Aug 31 13:06:33 OPNsense ntpd[5695]: 0.0.0.0 c012 02 freq_set kernel -12.274 PPM
Aug 31 13:06:33 OPNsense ntpd[5695]: 0.0.0.0 c016 06 restart
Aug 31 13:06:34 OPNsense ntpd[5695]: ntpd exiting on signal 15 (Terminated)
Aug 31 13:06:34 OPNsense ntpd[5695]: 0.0.0.0 c01d 0d kern kernel time sync disabled

Any suggestions on how to fix this?

Hi,

Thanks for the reply. I've increased interval as you suggested. I'll if that does something. In the log it's full with these messages:

Code Select Expand

Jul 11 20:08:34 dpinger: send_interval 5000ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr 10.0.0.138 bind_addr 10.0.0.10 identifier "WANGW "
Jul 11 20:08:32 dpinger: send_interval 5000ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr 10.0.0.138 bind_addr 10.0.0.10 identifier "WANGW "
Jul 11 20:08:29 dpinger: send_interval 5000ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr 10.0.0.138 bind_addr 10.0.0.10 identifier "WANGW "

But I can't see to find an error in that.

Hi,

I did a fresh install of OPNsense on bare metal. It seems to be working fine, but for some reason  the WANGW keeps flapping between states offline / online when I keep watch on it in the dashboard. The internet connection however seems to be working fine though.

Anyone ever seen this behaviour? And of course, how do I get rid of it? I you need anything more logfiles, whatever, please let me know. I'm a OPNsense newbie, so I still don't know where to find everything.