Messages

1

Virtual private networks / Re: Wireguard client disconnect in Opensense 24.1

« on: March 20, 2024, 07:17:29 pm »

I am experiencing the same issue when WG client gets disconnected. Unable to reconnect until I restart the WG service on OPNSense. Happy to help troubleshoot if anyone has ideas for a fix.


Update 3/27/2024: I have ZenArmor running on my FW. I disabled it on the roadwarrior WG interface that I was experiencing WG reconnect issues and the issue seems to have gone away for now. I will update if anything changes.

2

General Discussion / Re: Default gateway per vlan possible?

« on: February 16, 2023, 05:31:22 pm »

Documenting for completeness in the event this helps someone else.

After changing the default gateway for my existing allow_all firewall rule on my guest vlan, DNS to unbound was not working, getting no response from the DNS server. In troubleshooting I discovered I needed to add a specific rule to allow DNS (TCP/UDP port 53) to the firewall itself. DNS resolution started working and traffic routed through the verizon default gateway as expected.

@pmhausen Thank you again for time and help!

3

General Discussion / Re: Default gateway per vlan possible?

« on: February 15, 2023, 10:38:18 pm »

The gateway in the interface settings is for the OPNsense system itself and outside of rather special situations it's like Highlander - there can be only one.

Settings for clients that pass traffic through OPNsense go into rules.

Roger, that makes sense. I got the rule created and the client did show the correct public ip address of my verizon ISP. Only issue I have now is that the OPNSense Unbound DNS is not responding after I changed the default gateway? If I manually change the DNS setting on the client to a public DNS provider, it works great. So I need to figure that out. But this great and working as I had hoped. Thank you so much for your help and providing me guidance!

4

General Discussion / Re: Default gateway per vlan possible?

« on: February 15, 2023, 10:29:40 pm »

Oh I see now, the default gateway is specific on the firewall rule not the interface, just noting here in case it helps someone else.

5

General Discussion / Re: Default gateway per vlan possible?

« on: February 15, 2023, 10:12:31 pm »

Ok that makes me feel better that it is possible. I read about PBR, but I think it is something I need to dig into more and experiment with. Thank you for confirming this.

On the interface for the vlan, i see an option to select a default gateway but the only option that appears is auto-detect. I guess I am missing what the gap is to allow to select a specific gateway? I must still be missing something there...?

6

General Discussion / Default gateway per vlan possible?

« on: February 15, 2023, 09:45:14 pm »

I am newer to OPNSense so please bare with me if this is a very basic question/scenario. I have a single OPNSense device, two ISPs (Comcast and Verizon Cellular). I have multiple vlans (guest, IoT, Work, Personal, etc). I would like to have all IoT traffic used my Verizon WAN as a default Gateway and other vlans use Comcast WAN as their default Gateway. Is this possible?

I read about support for multi-wan, but it seems to be for fail-over (grouping gateways) not having two active default gateways? Apologies if I am mixing up some terminology here and appreciate any advice and assistance.