Messages

1

22.1 Legacy Series / Re: WAN failover problem - Seems to route through wrong WAN interface

« on: March 11, 2022, 06:24:50 pm »

I just noticed now that I cannot access the router of WAN1 after having disabled the gateway, which I used to be able to when I first set the system up, no matter the default gateway being used. 
Doesn't that sound like some sort of routing problem?  It'd be in line with the problem of the post.

2

22.1 Legacy Series / WAN failover problem - Seems to route through wrong WAN interface

« on: March 11, 2022, 05:15:43 pm »

Hello!

Setup:
WAN1 is connected through a mobile gateway, static IP, no DHCP.
WAN2 is connected through a VSAT (satellite) gateway, static IP, no DHCP.
Two LANs, each with their own physical interface and subnet, static IPs, no DHCP.
WAN failover configured as per the OPNsense documentation.
Zenarmor Sensei is running on the system.

Description of the problem:
When WAN1 fails, the System>Gateways>Single menu shows WAN2 as active, to be expected.
Furthermore, the system routing table shows WAN2 as the default gateway, also to be expected.
The live view log on the firewall however,  shows traffic trying to leave through WAN1, leaving the LANs completely without internet access.
This does not happen every failover, but when it happens, the system does not fall back and I have to resort to a system restart or disabling the WAN1 gateway.

Other Information:
I've had this happen on both 21.x and 22.x, on different machines.
I had to fix it immediately this time so I simply disabled one of the gateways, the following screenshots reflect that.

WAN1 Gateway:


WAN2 Gateway:


The single gateway overview:


Gateway Group:
This screenshot is taken after I disabled the WAN1 gateway, when enabled, it's set as Tier 1


System>Settings>General - Networking
The top DNS is set to the WAN1 gateway when the gateway is enabled


Firewall rules for the main LAN:
It has to be able to connect to devices on all networks, no matter the current default gateway.


I'm pretty new at this, but I've searched the forums and tried applying settings that other people dealing with WAN failover problems have suggested, such as fidgeting with Sticky Connections and Reply-To.

If I'm missing some crucial information please let me know.

Any insight greatly appreciated

3

General Discussion / Accessing web interfaces between LANs

« on: October 15, 2021, 09:53:11 pm »

Hello

I have an OPNsense 21.7.3.

There are two WANs and three LANs, each interface has it's own NIC.
I have WAN failover enabled and users on all my LANs can access the internet without a problem.

LAN 1 is a sort of management LAN and needs to access web interfaces of machines, both on LAN 2 and LAN 3,
but I'm having trouble achieving that.
Just to describe further; I have a PC on LAN 1 and want to access web interfaces on LAN 2 and LAN 3

Here is the top of LAN 1 rules:


I made a very wide rule just for testing, but the ideal setup is as much separation between LANs as possible, only letting specific machines on LAN 1 talk to specific machines on the other LANs

All insight greatly appreciated

4

General Discussion / Accessing the webGUI from a WAN interface

« on: June 01, 2021, 06:58:56 pm »

Hello!

I have my OPNsense set up with three WANs with failover configured and a single LAN interface.

I can access the webGUI no problem from the LAN,  but I can't get it to load from a device
over one of my WANs, which is essential to my project.

Under the WEBgui settings, it is configured to listen on all interfaces, on port 443.

I've been messing around with firewall rules following forum posts here and elsewhere but I'm
pretty new at this.

Any help is greatly appreciated