Messages - Andre Cinelli

#1
I saw what I did wrong.
On the VLANs 110-114 static IP configs I left the combo box with the network mask for a single host (32). The right mask should be 24.

Newbies will be newbies.

Thanks in advance, and ignore my previous post.

Andre
#2
Hi all,

My name is André and I recently installed OPNsense. I am a super newbie and would really appreciate a link to an explanation of what happened on my setup.

THE ENVIRONMENT:

I have one server running OPNSense with two (02) physical interfaces. As I needed more internal networks, I created 5 VLANs on the switches. After that I created the corresponding internal VLAN interfaces in OPNsense.

Something like that:
10.31.0.0/21 - WAN Interface - IP 10.31.6.8 with default gateway set to IP 10.31.4.1
192.168.110.0/24 - VLAN 110 - interface IP 254
192.168.111.0/24 - VLAN 111 - interface IP 254
192.168.112.0/24 - VLAN 112 - interface IP 254
192.168.114.0/24 - VLAN 114 - interface IP 254
192.168.200.0/24 - VLAN 2000 - interface IP 254

THE ISSUE:

When I was testing reachability from my computer (that is in the same network as the WAN firewall interface and has an all access rule set in the firewall) I was only able to reach hosts at the 192.168.200.0/24.

I looked at the firewall live view logs and saw that the packets that I've sent trying to reach the other internal networks were being logged as a PASS but being sent back to the firewall's WAN interface. With a traceroute I saw that they were being routed to the firewall default gateway and not to the local network interfaces directly connected to it.

I took a look at my firewall routes and saw that there was only one network route for the internal interfaces:
ipv4   192.168.200.0/24   link#11   U   288   1500   ix1_vlan2000   

There weren't any routes for the 110-114 networks.
I had to manually add static routes to the other interfaces to make it work.

THE QUESTIONS:

What have I done wrong to not have the internal local networks routes already set? Was there a box that I should have checked? Why did only the 200 network interface have the route (maybe it was the default LAN network before I renamed its description)?

Thanks in advance,
Andre

PS: I just confirmed that the 200 network interface was my LAN in the Interfaces-Overview.
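
The cause given in message #1 (mask 32 instead of 24 on the VLAN 110-114 interfaces) can be reproduced with a simplified routing model. The following is an added example, not part of the original posts and not OPNsense code: it derives the connected route for each interface address and does a longest-prefix lookup. Interface names other than ix1_vlan2000, and the test destinations, are hypothetical.

```python
import ipaddress

DEFAULT_GW = "10.31.4.1"  # default gateway quoted in the post


def build(vlan_prefix):
    """Interface table from the post; only ix1_vlan2000 is a real name."""
    ifs = {"wan": "10.31.6.8/21", "ix1_vlan2000": "192.168.200.254/24"}
    for vlan in (110, 111, 112, 114):
        ifs[f"vlan{vlan}"] = f"192.168.{vlan}.254/{vlan_prefix}"
    return ifs


def connected_routes(interfaces):
    """Network covered by each interface address and its configured mask."""
    return {n: ipaddress.ip_interface(a).network for n, a in interfaces.items()}


def lookup(dest, interfaces):
    """Longest-prefix match; fall back to the default gateway if nothing matches."""
    ip = ipaddress.ip_address(dest)
    hits = [(net.prefixlen, name)
            for name, net in connected_routes(interfaces).items() if ip in net]
    return max(hits)[1] if hits else "default via " + DEFAULT_GW


def host_mask_interfaces(interfaces):
    """Audit check: interfaces saved with a single-host (/32) mask."""
    return sorted(n for n, net in connected_routes(interfaces).items()
                  if net.prefixlen == 32)


BROKEN = build(32)  # mask left at 32, as described in message #1
FIXED = build(24)   # corrected mask

if __name__ == "__main__":
    for label, ifs in (("mask 32", BROKEN), ("mask 24", FIXED)):
        print(label, "- /32 interfaces:", host_mask_interfaces(ifs))
        for dest in ("192.168.110.10", "192.168.200.10"):
            print("   ", dest, "->", lookup(dest, ifs))
```

With mask 32 the only address "on" each VLAN interface is 192.168.x.254 itself, so every other host in 192.168.110.0/24 falls through to the default gateway, which matches the traceroute described in message #2.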