Messages

1

General Discussion / Re: Access Web GUI over WAN - Router-on-a-Stick setup

« on: October 10, 2024, 07:10:56 pm »

If I understand you, you're attempting to hit 192.168.100.119 to log into the GUI and the firewall is disregarding a rule you have to allow management traffic on that interface from your 192.168.133.0 net? Two things,
1. Make sure your listening on your wan interface for management: System>Settings>Administration>Listen Interfaces
2. Assuming your rule is setup correctly on your wan interface (perhaps you could provide the details of your rule) try checking the "Quick" option, which will make sure that rule is evaluated and matched right away.

2

General Discussion / Re: New Install can't connect to internet

« on: October 10, 2024, 06:59:51 pm »

I created a new install.  Only changes - changed ip of LAN to 192.168.140.1.  Put DHCP on LAN with range 192.168.140.100 - 199.  Removed blocks on WAN interface for private networks and bogon networks.  I did this because I am connecting through my existing router which has an ip of 192.168.1.1 because I don't want to disrupt anything until I get this up.  Can't connect, can't ping 8.8.8.8.  Tried running under live using install USB.  Again changed LAN to 192.168.140.1 and removed blocks on WAN.  This time I didn't setup DHCP, gave my computer a static ip of 192.168.140.99.  Still, no joy.  When I go to the dashboard everything looks good.  Added interfaces widget.  It shows LAN as 192.168.140.1/24 and WAN 192.168.1.6/24  WAN DHCP is 192.168.1.1. When I look at firewall logs I see igmp blocks, udp blocks to 192.168.1.255 with a comment defaul deny /state violation rule but most everything seems to be passing.  I see NTP passing for example.

1. What is your routers default route? System>Routes>Status?
2. What is your outbound nat setup? Is it still set to auto? Firewall>NAT>Outbound.
3. Can you ping your lan default gateway: 192.168.140.1?
4. Can you ping your new routers gateway? 192.168.1.1?
5. If so, can you ping your original router's gateway? 35. whatever?

You should be able to determine where the problem is coming from if you logically test from the inside out. Start at the lan, can your device get to it's gateway? Then go to the next hop, then the next, etc. If you can get to your local gateway, but not to the next gateway, then I would look at your NAT setup, because traffic is not being translated properly at your new router.

3

General Discussion / Re: Zabbix Proxy on OPNsense

« on: October 10, 2024, 06:43:50 pm »

Steve, any luck with this?

4

22.1 Legacy Series / Re: Checksum issues with VirtIO in QEMU/KVM environment and OPNsense 22.1

« on: February 11, 2022, 04:33:31 am »

Franco, thanks for clarifying this. bob4os I appreciate the detail you provided, it allowed me to identify the exact same issue in my case.  Hopefully people find this article.

If you're reading this thread and a little confused like I was initially, here's a video going in depth on this issue and the easy fix described by Franco above:

https://youtu.be/69cNH9UX_es