OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of Andre Cinelli »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - Andre Cinelli

Pages: [1]
1
General Discussion / Re: VLANs and Local Interfaces routes
« on: March 18, 2021, 04:30:02 pm »
I saw what  I did wrongly.
On the VLANs 110-114 static IP configs I left the combo box with the network mask for a single host (32). The right mask should be 24.

Newbies will be newbies.

Thanks in advance, and ignore my previous post.

Andre

2
General Discussion / VLANs and Local Interfaces routes
« on: March 18, 2021, 04:06:59 pm »
Hi all,

my name is André and I recently installed OPNsense. I am super newbie and would really appreciate a link to an explanation of what happened on my setup.

THE ENVIRONMENT:

I have one server running OPNSense with two (02) physical interfaces. As I needed more internal networks, I created 5 VLANs on the switches. After that I created the corresponding internal VLAN interfaces in OPNsense.

Something like that:
10.31.0.0/21 - WAN Interface - IP 10.31.6.8 with default gateway set to IP 10.31.4.1
192.168.110.0/24 - VLAN 110 - interface IP 254
192.168.111.0/24 - VLAN 111 - interface IP 254
192.168.112.0/24 - VLAN 112 - interface IP 254
192.168.114.0/24 - VLAN 114 - interface IP 254
192.168.200.0/24 - VLAN 2000 - interface IP 254

THE ISSUE:

When I was testing reachability from my computer (that is in the same network as the WAN firewall interface and has an all access rule set in the firewall) I was only able to reach hosts at the 192.168.200.0/24.

I looked at the firewall live view logs and saw that the packets that I´ve sent trying to reach the other internal networks were being logged as a PASS but being sent back to the firewall's WAN interface. With a traceroute I saw that they were being routed to the firewall default gateway and not to the local network interfaces directly connected to it.

I took a look at my firewall routes and saw that there was only one network route for the internal interfaces:
ipv4   192.168.200.0/24   link#11   U   288   1500   ix1_vlan2000   

There weren´t any routes for the 110-114 networks.
I had to manually add static routes to the other interfaces to make it work.

THE QUESTIONS:

What have I done wrong to not have the internal local networks routes already set? Was there a box that I should have checked? Why only the 200 network interface had the route (maybe it was the default LAN network before I renamed its description)?

Thanks in advance,
Andre

PS: I just confirmed that the 200 network interface was my LAN in the Interfaces-Overview.












 




Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2