Messages

1

21.1 Legacy Series / Re: Rule not taking effect

« on: February 23, 2021, 10:07:18 pm »

So this is a very interesting proposition. I need remote clients to be able to access internal servers as I'm trying to implement a "cloud environment" . Would yo be able to point me in the direction of the ressources that would help me accomplish the routing strategy you mention. FYI 172.25.25.10 is already static as well as the VPN server 172.25.25.15 Thank you again for the ideas

2

21.1 Legacy Series / Re: Rule not taking effect

« on: February 18, 2021, 09:04:53 pm »

Thank you I will look into it! and share my progress

3

21.1 Legacy Series / Re: Rule not taking effect

« on: February 18, 2021, 08:46:37 pm »

Ahhh , I had a suspicion it could be that. Thank you for pointing me in the right direction. Would adding a far Gateway solve this? trying to figure out the easiest way of solving this.

4

21.1 Legacy Series / Re: Rule not taking effect

« on: February 18, 2021, 08:13:27 pm »

So by VPN server , this is my external facing remote access appliance (not Opnsense) running OpenVPN it connects to OPT3 so it has an opnsense provided IP 175.25.25.10

When I connect remotely to the VPN i receive the IP 10.8.0.2 for my client which is then routed to access OPT3 network (175.25.25.0/24).

This worked when I routed to the management interface (LAN) and used to work on OPT3. I know it gets to OPNSENSe on OPT3

5

21.1 Legacy Series / Re: Rule not taking effect

« on: February 18, 2021, 05:17:42 pm »

Yes it is the actual ip (the real one, sorry habit of obfuscating IPs in forums) 172.25.XX is in OPT3 net

my network is as follows:


| OPNsense|             
| LAN          |-----192.xx/24-----Management
|OPT 1        |-----10.2.xx/24-----Main  **DHCP active
|OPT 2        |-----172.20.xx/24-----Wireless **DHCP active
|                 |
|OPT 3        |-----172.25.xx/24-----Remote----DHCP active---------------175.25.xx/24--|VPN Server|------10.8.0.0/24


FYI, just rebuilt the whole setup and still same effect...what am I missing

6

21.1 Legacy Series / Re: Rule not taking effect

« on: February 18, 2021, 03:32:16 am »

Yes it is. I even destroyed the rule and redone it a couple of times.

Could there be a DB issue?

7

21.1 Legacy Series / Rule not taking effect

« on: February 18, 2021, 02:57:11 am »

Hello everyone,

New to the forum and newish to Opnsense. Love the product but I have been knocking my head against the firewall(  ) regarding a rule that just does not seem to work.

My current environment is  OPNsense 21.1.1-amd64 with 4 interfaces (1 LAN 3 OPT). So this rule used to work then suddenly stopped... i cleared states, rebooted, reloaded services to no avail:

Rule is:
IN ipv4 interface:opt3 src:opt3-net any port dst:10.8.0.0/24 any port

Log gives the following:

__timestamp__   Feb 18 01:53:21
action   [block]
anchorname   
dir   [in]
dst   10.8.0.2
ecn   
id   32008
interface   em3
interface_name   OPT3
ipflags   none
label   Default deny rule
length   60
offset   0
proto   1
protoname   icmp
reason   match
rid   02f4bab031b57d1e30553ce08e0ec131
ridentifier   0
rulenr   12
src   178.100.0.10
subrulenr   
tos   0x0
ttl   128
version   4

Any ideas why it applies the default rule even though I have an explicit rule set? ANy help would be greatly appreciate, my demo depends on this