Messages - cybernet1981

#1
21.1 Legacy Series / Re: Rule not taking effect
February 23, 2021, 10:07:18 PM
So this is a very interesting proposition. I need remote clients to be able to access internal servers as I'm trying to implement a "cloud environment". Would you be able to point me in the direction of the resources that would help me accomplish the routing strategy you mention? FYI, 172.25.25.10 is already static, as well as the VPN server 172.25.25.15. Thank you again for the ideas.
#2
21.1 Legacy Series / Re: Rule not taking effect
February 18, 2021, 09:04:53 PM
Thank you, I will look into it and share my progress!
#3
21.1 Legacy Series / Re: Rule not taking effect
February 18, 2021, 08:46:37 PM
Ahhh, I had a suspicion it could be that. Thank you for pointing me in the right direction. Would adding a far gateway solve this? Trying to figure out the easiest way of solving this.
#4
21.1 Legacy Series / Re: Rule not taking effect
February 18, 2021, 08:13:27 PM
So by VPN server, this is my external-facing remote access appliance (not OPNsense) running OpenVPN; it connects to OPT3, so it has an OPNsense-provided IP, 175.25.25.10.

When I connect remotely to the VPN, I receive the IP 10.8.0.2 for my client, which is then routed to access the OPT3 network (175.25.25.0/24).

This worked when I routed to the management interface (LAN) and used to work on OPT3. I know it gets to OPNsense on OPT3.

#5
21.1 Legacy Series / Re: Rule not taking effect
February 18, 2021, 05:17:42 PM
Yes, it is the actual IP (the real one; sorry, habit of obfuscating IPs in forums). 172.25.XX is in OPT3 net.

My network is as follows:


| OPNsense |
| LAN      |-----192.xx/24-----Management
| OPT 1    |-----10.2.xx/24-----Main  **DHCP active
| OPT 2    |-----172.20.xx/24-----Wireless **DHCP active
|          |
| OPT 3    |-----172.25.xx/24-----Remote----DHCP active---------------175.25.xx/24--|VPN Server|------10.8.0.0/24


FYI, just rebuilt the whole setup and still same effect... what am I missing?

#6
21.1 Legacy Series / Re: Rule not taking effect
February 18, 2021, 03:32:16 AM
Yes, it is. I even destroyed the rule and redid it a couple of times.

Could there be a DB issue?
#7
21.1 Legacy Series / Rule not taking effect
February 18, 2021, 02:57:11 AM
Hello everyone,

New to the forum and newish to OPNsense. Love the product, but I have been knocking my head against the firewall ( ;D ) regarding a rule that just does not seem to work.

My current environment is OPNsense 21.1.1-amd64 with 4 interfaces (1 LAN, 3 OPT). So this rule used to work, then suddenly stopped... I cleared states, rebooted, and reloaded services, to no avail:

Rule is:
IN ipv4 interface:opt3 src:opt3-net any port dst:10.8.0.0/24 any port

Log gives the following:

__timestamp__   Feb 18 01:53:21
action   [block]
anchorname   
dir   [in]
dst   10.8.0.2
ecn   
id   32008
interface   em3
interface_name   OPT3
ipflags   none
label   Default deny rule
length   60
offset   0
proto   1
protoname   icmp
reason   match
rid   02f4bab031b57d1e30553ce08e0ec131
ridentifier   0
rulenr   12
src   178.100.0.10
subrulenr   
tos   0x0
ttl   128
version   4

Any ideas why it applies the default rule even though I have an explicit rule set? Any help would be greatly appreciated; my demo depends on this.