OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of MangledBit »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - MangledBit

Pages: [1]
1
High availability / Re: Metronet fiber WAN dropping internet every 24 to 36 hours.
« on: March 28, 2021, 12:20:37 am »
I was able to get a year-long promotion free for the static IP. Hopefully that will be enough enough time to figure out another solution. It would be cheaper to buy a VPN in foreword it's traffic through VPN tunnel to the firewall to have a public IP. According to what I'm writing sort like a bastion set up.

I want the firewall to still handle all the traffic from the VPN into treated as just another hop from from the source destination. Nor do I want to forward all the traffic out of the network through the VPN justice services I wish to port forward. Normally bastion is used to filter traffic/logging/antivirus and such.  I have that set up on the firewall so no sense in paying for a higher grade VPN to run opnsense. So the question is there an easy way just to simply forward all traffic regardless of ports through the tunnel. I think I would need some sort of proxy to forward all the traffic.

I'm new to professional networking so I'm stretching the limits of my knowledge what's possible in the terms to educate myself further. So any help in that direction would be helpful.


However the issue at hand with the WAN dropping internet every 24 to 36 hours will still be an issue without the static IP. That's the 1st hurdle I need to solve.



2
High availability / Metronet fiber WAN dropping internet every 24 to 36 hours.
« on: March 25, 2021, 08:31:42 pm »
Greetings everyone, I'm looking for some help diagnosing WAN IPv4 dropping every 24 to 36 hours. The WAN interface is not considered down when this event occurs. WAN is connected to directly to the modem which connects out to the Internet via fiber. The WAN interface details do not change when I release/renew to restore Internet. That process restores the network connection.

As I understand Metronet does not provide you with a public facing IP address be default. They use what is called Carrier Grade NAT. "Carrier Grade". You end up with a double NAT situation.

Similar netgate topic
https://forum.netgate.com/topic/150572/metronet-fiber-internet-goes-down-roughly-every-24-hours/15

Suggestions how to tweak to make wan properly in sync with the nokia g-010g-a ont modem?

Things that I prefer not to do or cannot do.
- Bridge the modem
- Dedicated IP
- Communicate to the ONT by the webqui or ftp etc.

3
General Discussion / Re: NAT: Port Forward- destination WAN address vs Public IP
« on: March 25, 2021, 06:22:01 pm »
Perhaps I created an alias of the domain name url that references the Public IP address which is tied to a dynamic DNS service.  Then I can use that as a destination for port forwarding because it resolves to my  public IP?

works for only Automatic outbound NAT for Reflection

4
General Discussion / Re: NAT: Port Forward- destination WAN address vs Public IP
« on: March 25, 2021, 05:50:18 pm »
PS C:\Users\Main> tracert 1.1.1.1

Tracing route to one.one.one.one [1.1.1.1]
over a maximum of 30 hops:

   1    <1 ms    <1 ms    <1 ms  OPNsense.localdomain [192.168.1.1]
  2     *        *        *     Request timed out.
  3     1 ms     1 ms    <1 ms  10ge7-5.core1.rst1.he.net [184.105.27.57]
  4     4 ms     3 ms     3 ms  100ge8-2.core1.blp1.he.net [184.105.65.157]
  5     4 ms     4 ms     4 ms  100ge8-2.core1.msp1.he.net [184.105.64.97]
  6     4 ms     4 ms    16 ms  AS13335.micemn.net [206.108.255.45]
  7     4 ms     4 ms     5 ms  one.one.one.one [1.1.1.1]

5
General Discussion / Re: NAT: Port Forward- destination WAN address vs Public IP
« on: March 25, 2021, 05:40:39 pm »
I believe this has to do with Metronet Internet service provider.

https://www.reddit.com/r/Metronet/comments/ieohps/does_metronet_provide_a_standalone_not_a_combo/

Public IP -> Metronet Router -> ONT (provides private IP from Metronet router) -> Your Router (has private IP from metronet as the WAN IP) -> Computer/Device (has private IP from your router)... Metronet does not provide you with a public facing IP address be default. They use what is called Carrier Grade NAT. "Carrier Grade" means nothing. You end up with a double NAT situation

Outside of dedicated IP is there anything else I could try to do to remedy the situation?

6
General Discussion / Re: NAT: Port Forward- destination WAN address vs Public IP
« on: March 25, 2021, 04:51:35 pm »

  Interfaces: Diagnostics: DNS Lookup


Wan IPv4 address xxx.xx.xxx.216/19  is the IP to opnsense firewall which I normally log into via `192.168.1.1`

Response    
Type    Address
   OPNsense.localdomain
Resolution time per server    
Server    Query time
127.0.0.1    25 msec
1.1.1.1    9 msec
1.0.0.1    5 msec


7
General Discussion / Re: NAT: Port Forward- destination WAN address vs Public IP
« on: March 25, 2021, 03:37:41 pm »
Public IP: xxx.xx.xx.65

Taken from `WAN interface (wan, igb0)`
IPv4 address xxx.xx.xxx.216/19
IPv4 gateway xxx.xx.224.1

I think the public IP should be reflected in the WAN interface...


screen shot windows 7

8
General Discussion / Re: NAT: Port Forward- destination WAN address vs Public IP
« on: March 25, 2021, 03:16:27 pm »
Thank you for taking a moment to respond!

My setup is very basic. I recently upgraded to symmetrical fiber service. Currently have a dynamic IP however to my knowledge that shouldn't affect this process.

Version: 21.1.3_3

Modem Alcatel-lucent G-010g-a -> Firewall -> Switch

No multi WAN setup

The only thing deviating from the standard install

- Sensei
- https://forum.opnsense.org/index.php?topic=8783.0  [Tutorial] How I do port forwarding - simple and straightforward
- Unbound DNS: Blacklist for ad blocking


` I’m assuming the WAN interface is actually bound to the public IP?`

When initially setting up WAN interface during install time it did correctly pull the public IP so I assume it's bounded. is there a way for me to check?

9
General Discussion / NAT: Port Forward- destination WAN address vs Public IP
« on: March 24, 2021, 09:56:41 pm »
When I configure port forwarding to use the `WAN address` resources/server not reachable.

- Destination: WAN address

However if I utilize I can reach the resource/server just fine defining destination `Single IP or Network` as my public IP.

- Single IP: my public IP

Shouldn't the Public IP and the WAN Address be the same?
Suggestions for troubleshooting?


10
20.7 Legacy Series / Re: WAN dropping internet every 24 to 36 hours.
« on: December 08, 2020, 12:10:15 am »
A little help would be appreciated.

11
20.7 Legacy Series / WAN dropping internet every 24 to 36 hours.
« on: December 04, 2020, 12:33:00 pm »
Greetings everyone, I'm looking for some help diagnosing WAN dropping every 24 to 36 hours. The WAN interface is not considered down when this event occurs. WAN is connected to directly to the modem which connects out to the Internet via fiber. The WAN interface details do not change when I release/renew to restore Internet.

What recommendations would you have for me to provide better troubleshooting info?



Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2