Messages

1

20.7 Legacy Series / Re: MultiWan and VLAN Firewall Rules

« on: November 20, 2020, 08:34:00 pm »

For me also everything works without sticky connection....for all of my Clients. Maybe sticky this is now integrated if you're using Multiwan?
Regards

2

20.7 Legacy Series / Re: MultiWan and VLAN Firewall Rules

« on: November 19, 2020, 04:45:22 pm »

that would be a problem to list specific sites that would require such (banking sites perhaps) but i migth try that.

is this issue specific to opnsense?
or cant sticky connection may be route servers/site to same gateway until no more connection uses the site. it may not multiwan correctly but should not be a problem.

but in may case it is intermittent, which means it is working at some point or level... it just goes down or a few second then back... i just dont know what happens or why

For me it's the same. Now I tested both checked (sticky and sf) and it works for some seconds before it's gone. Then it comes back and it goes again......
It everything goes into default deny rule and sometimes it passes the traffic from the wan.

3

20.7 Legacy Series / Re: MultiWan and VLAN Firewall Rules

« on: November 18, 2020, 06:45:22 pm »

When I disable "Sticky" and enable "SF" then most of the time the traffic shaping works, but sometimes the bufferbloat returns in the "dslreport" speedtest. I'am using shaping prior to do some FQ-CODEL on my lines cause as you know I'am using 2 Wireless WAN connections and this helps a lot against bufferbloat -> Thx to Opnsense. But I can't even tell, if there is a problem with timeout sessions, if I don't have activate "sticky". So I don't know exactly if it works as expected. For me personally it is a little bit odd, that I can't activate both options without breaking my Wan connections. As you know I'am really happy that such a expert as you are, tries to help me with this. 

4

20.7 Legacy Series / Re: MultiWan and VLAN Firewall Rules

« on: November 18, 2020, 09:01:43 am »

Yes if disable "Sticky Connections" and leave SF enabled Wan Group is working as expected. It's switching between the two Wan connections. I have a WISP connection with 30/10 Mbps and a 4G with a maximum of 100/40 Mbps. 

5

20.7 Legacy Series / Re: MultiWan and VLAN Firewall Rules

« on: November 17, 2020, 08:39:52 pm »

ok thank you very much. Maybe there is a possibility..... The problem is that I want to use Traffic Shaping with both Wan connections. And this only possible with Shared Forwarding from what I understand.

6

20.7 Legacy Series / Re: MultiWan and VLAN Firewall Rules

« on: November 17, 2020, 08:23:22 pm »

If I activate both options in Multiwan Settings in Advanced Firewall Settings than Internet gone for my clients in the VLAN. If I look into the Firewall Live he drops every package that goes to both Wan connections alternatley with the default deny rule. Sometimes the connection works and my clients show some websites as long as the connection doesn't switch from one wan to the other wan -> Screenshot

When I deactivate Sticky Connection it starts working normal and Opnsense using both Wan connections. Also if I deactivate Shared Forwarding and leave sticky connection activated.

7

20.7 Legacy Series / Re: MultiWan and VLAN Firewall Rules

« on: November 11, 2020, 05:14:49 pm »

Thank you! I've already found out what the issue was! If you use sticky connections and shared forwarding then you experience that the internet connection drops if you activate the policy based routing rule in the firewall with the load balancer group. Found an old Github bug report about this and tried it... Et vous la it works if you deactivate shared forwarding and leave sticky connection enabled. So maybe this is a bug from past that never been corrected... I don't know!? The problem is now that I don't know if traffic shaping is working without this shared forwarding setting. Anyone knows?
Regards

8

20.7 Legacy Series / Re: MultiWan and VLAN Firewall Rules

« on: November 10, 2020, 03:45:43 pm »

For more information I send you some screenshots. Maybe somebody see any problem
PART 2

9

20.7 Legacy Series / Re: MultiWan and VLAN Firewall Rules

« on: November 10, 2020, 03:44:26 pm »

For more information I send you some screenshots. Maybe somebody see any problem
PART 1

10

20.7 Legacy Series / Re: MultiWan and VLAN Firewall Rules

« on: November 10, 2020, 09:59:51 am »

Ok some Update: I reinstalled OpnSense and made all configurations fresh. Made everything in Firewall Rules for my VLAN as mentioned in the opnsense docs. Made a default VLAN to any rule with the Load Balance GW Group. Also made the DNS rule. Also made a VLAN to all Local Subnets with default GW above the rule with the Load Balance GW Group. The Problem with losing connection to the Opnsense Webui  and after some time also the internet connection is gone persists.....

I really appreciate some help. Don't have any glue what's going on.

Regards
 

11

20.7 Legacy Series / Re: MultiWan and VLAN Firewall Rules

« on: November 08, 2020, 01:33:43 pm »

I've now deactivated the sticky connection check and now internet works without the clearnet to any rule... But opnsense mgmt webui doesn't work at all.... What is wrong?

12

20.7 Legacy Series / Re: MultiWan and VLAN Firewall Rules

« on: November 08, 2020, 12:41:00 pm »

Maybe I have the same problem -> https://forum.opnsense.org/index.php?topic=17116.0
Don't know but I have sticky connection activated...should I deactivate it ? But then it would not work for some Websites and Services or I'am wrong?

13

20.7 Legacy Series / MultiWan and VLAN Firewall Rules

« on: November 08, 2020, 12:01:03 pm »

Hi,
I've got Version 20.7.4 and have a problem with configuring the Firewall Rules for my WAN Gateway Group. On Friday I''ve bought a 5G/LTE Router (ZTE MC801A) with a provider contract to use it as a Load Balancing opportunity for my normal Internet home connection (WISP). Cause we have two teenagers who use the Internet connection externsivley with Home Schooling and a Dad who need it for Home Office 
Ok enough of explaining!
I have a setup with VLAN's and two ISP's. I've tried to bring my normal Clearnet VLAN to work with my Gateway Load Balancing Group, but everytime I switch my Firewall Rule for Outgoing Wan traffic to use the GW Group everything stop working like the MGMT Webui of OpnSense (can't reach anymore) and the Internet connection. Don't have any glue what I'am doing wrong. Tried tons of tutorials and how to's from OpnSense Official down to reddit and something else....
If I deactivate the Clearnet to any rule (you can see it in the Firewall Rule Screenshot) then everything stop working. With this any rule the GW Group is also not working cause this rule will allow the whole traffic out without any policy routing from what I understand and this is what I don't want....Yes I'am a noob 
Maybe somebody can help a stressed dad to get the family peace back to normal....
I add screenshots of my Firewall Rules and other configs.
Thank you
Regards
Wiesel