Messages - richidd

#1
Regarding Tailscale: I took a deeper look. Seems like it is not for free?
#2
Thank you very much for your advice. I tried to

ping 172.217.169.14

but it doesn't do anything

I already added 8.8.8.8 to the DNS. DNS actually works, because

ping -4 google.de

results in


PING google.de (142.251.209.131) 56(84) bytes of data.


But it stops here. I never get an answer. It never times out :o. Could it be that XCP-NG has something to do with it? What puzzles me is that on that server (10.101.10.12) I have 2 physical LANs, eth0 and eth1, but my ifconfig said that I connected it to xenbr0. What is xenbr0? I expected it to be connected to eth0?
#3
I got this network

[FIX WAN IP] ==> Fritzbox-Router [192.168.0.1/24] ==> OPNsense - WAN[192.168.0.120] ==> LAN[10.101.10.1/24] ==> XCP-NG[10.101.10.12]

I also enabled WireGuard and Unbound DNS.

When I ssh into the XCP-NG via WireGuard I cannot access the internet. I haven't tried directly, but I guess it has the same effect.

from within the console on 10.101.10.12:

ping 10.101.10.1 -> OK
ping 192.168.0.1 -> OK
ping 8.8.8.8 -> OK (manually added it in the OPNsense as DNS)
ping google.com -> NO
curl google.com -> NO

Firewall live log shows that curl connects to the correct IP.

`route` shows:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         OPNsense.locald 0.0.0.0         UG    0      0        0 xenbr0
10.101.10.0     0.0.0.0         255.255.255.0   U     0      0        0 xenbr0


I did read that I'm supposed to add a route to somehow tell the router [192.168.0.1] that the responses to the requests need to be routed back to OPNsense [192.168.0.120], but I don't know how to. The default Outbound NAT rule set seems good to me. I also disabled RFC1918.

What seemed a bit weird was that some auto log rules appeared in the WireGuard interface section even though the IP address was from another interface.

Any help would be great!