OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of jennifer.cruize98 »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - jennifer.cruize98

Pages: [1]
1
General Discussion / Re: Traffic between interfaces
« on: July 19, 2023, 02:24:28 pm »
Got it. So something like this?

Code: [Select]
route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 venet0
10.8.0.0        0.0.0.0         255.255.255.0   U     0      0        0 tun0
45.88.168.0     0.0.0.0         255.255.255.0   U     0      0        0 venet0
192.168.2.0     10.8.0.1        255.255.255.0   UG    0      0        0 tun0
I ran a ping in one window and then ran the following

Code: [Select]
tcpdump icmp and src 10.8.0.1 and dst 192.168.2.254
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on venet0, link-type LINUX_SLL (Linux cooked v1), snapshot length 262144 bytes
^C
0 packets captured
0 packets received by filter
0 packets dropped by kernel
Not sure if I'm going about this the right way.

2
General Discussion / Re: Traffic between interfaces
« on: July 18, 2023, 01:52:04 pm »
192.168.2.0/24 can ping 10.8.0.1 and 10.8.0.2

Looking at the packet capture, I don't see the 192.168.2.0/24 network being mentioned so my guess is the traffic is never leaving the Linux machine running on 10.8.0.1 which is the OpenVPN network.

On the Linux machine I have:
Code: [Select]
ip ro sh
default dev venet0 scope link
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.1
public_IP/24 dev venet0 proto kernel scope link src public_IP
So this means I need to have a static route added on OpnSense, correct?


3
General Discussion / Re: Traffic between interfaces
« on: July 17, 2023, 03:33:30 pm »
By endpoints we mean the Linux Server and OpnSense firewall?


In regards of adding a route, is the following correct way if needed?

I had to manually create the LAN GW since it wasn't auto created.

Thanks bart!

4
General Discussion / Re: Traffic between interfaces
« on: July 17, 2023, 03:05:06 pm »
I created a floating rule to allow ping from any protocol to and from any interface and removed all that NAT rules ect...

Started a ping and I see the successful to 10.8.0.2 logged but I don't see the deny to 192.168.2.254 which confuses me.

5
General Discussion / Traffic between interfaces
« on: July 17, 2023, 01:58:22 pm »
My network is as follows:

OpenVPN network OPT1 (10.8.0.1) <--> (10.8.0.2) OpnSense <--> (192.168.2.254) LAN Network

I'm trying to ping/access the 192.168.2.0/24 network from the linux machine on 10.8.0.1. I can ping 10.8.0.2 and 192.168.1.1 (WAN GW) but I can't seem to figure out how to reach the other.

I tried doing a outbound NAT to force anything on 10.8 not going to 10.8 to go to 192.168 by firewall and by GW but no luck.


Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2