OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of ddutch206 »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - ddutch206

Pages: [1]
1
22.7 Legacy Series / Re: Can't reach host from one interface to another
« on: December 09, 2022, 04:17:47 pm »
Ok two replies that say floating rules is a bad idea. So I will spend tonight changing my floating rules to be on the interface.

Honestly the reason was laziness. I knew I didn't want to create a bridge network, but did want the internal interfaces to have the ability to access each other. Coming into the WAN I only have 4 ports defined, everything else is closed down.


2
22.7 Legacy Series / Can't reach host from one interface to another
« on: December 09, 2022, 11:29:17 am »
I am admit-tingly a very novice user of Opnsense but after struggling for two days, its time to ask for help.

Current setup.

Running latest version of OPNsense on a mini PC with 6x i226 ethernet ports (https://cwwk.net/products/j6412-j6413six-network-port-i226-nic-2-5g-soft-routing-mini-host-industrial-automation-retail-smart-city).

eth0 is WAN
eth1 is LAN, 10.0.0.1/24, unplugged
eth2 is Wifi, 10.0.2.1/23 - connected to a ethernet over power device that is powering two ASUS APs. Sixty devices sit on this. Its /23 on purpose because I've (not joking) run out of IPs before on /24.
eth3 is Media, 10.0.4.1/29 - directly connected to a NAS/Server (running on 10.0.4.2) serving media in the house
eth4 is VoIP, 10.0.5.1/29 - Gigaset VoIP (running on 10.0.5.2)

Most of the traffic sits on eth2, including the laptop I'm writing this on.

Reaching 10.0.0.1 (OPNsense) and 10.0.4.2 (various docker containers) HTTPS ports work w/o issue from 10.0.2.1/23. However I can't reach 10.0.5.2's HTTP port from my laptop. I can ping the IP just fine, but port 80 is non-responsive.

From the host running OPNsense, I can reach port 80

My laptop:

bash-5.2$ telnet 10.0.5.2 80                                                                                             
Trying 10.0.5.2...
telnet: connect to address 10.0.5.2: Operation timed out
telnet: Unable to connect to remote host


OPNsense:

XXXXXX@corerouter:~ $telnet 10.0.5.2 80
Trying 10.0.5.2...
Connected to SL450A-GO.XXXX
Escape character is '^]'.


I have four floating rules setup to allow access into the LAN, Wifi, Media and VOIP interfaces. This works fine for Wifi -> Media and I have an identical one for the VOIP network


https://imgur.com/a/IPHQDxY

I'm at a loss as to why I can't reach port 80 from any device on the 10.0.2.1/23 network to the device on the 10.0.5.1/29 network when pinging the device works w/o issue.

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2