Messages

Thanks a lot for your time, I'll do tests next week !!!

Anyway it seems a workaround, better would be to understand why with OPNsense there's this kind of problem and with a simple Mikrotik routerboard not.

Here to you the diagram, hoping all will be simplified.

Thanks
Enrico

Hi, thanks again,
1. there are other system behind the OPN and none of them has problems.
2. yes, same rules for both the wan
3. yes, same rules for both the wan

Thanks for your reply.

Could you please show me where I'm wrong making a misconfiguration of the firewall ? I ask only because only the SIP doesn't route to wan 2 til I restart the trunk and not return on wan 1 til I restart the trunk if the interface return functional. All the other kind of traffic route between the wan without problem.

In any case the trunk is managed by the PBX that knows only the internal IP of the gateway to which it sends the packets, the PBX not control which interface the Firewall uses to route the traffic to the endpoint.

Thanks again
Enrico

Yes is correct,
the PBX is in the 192.168.68.0/24 Lan with is gateway (OPNsense dual wan with failover).

Why the trunk must know the second ISP Wan IP ?!? If you mean the provider server with which the trunk is connected it has no problem to accept us, otherwwise I can't understand.

Anyway I've made a test, same PBX, same LAN, same wan connection using a simple Mikrotik routerboard and all gone fine after a 5-6 step of configuration. When the primary wan fail the traffic (and the trunk too) route to the secondary and when it returns available all the traffic re route on it.

But I'd like to do it with OPNsense if possible.

Thanks
Enrico

Thanks for your reply,
I don't understand what you mean with lcientes network, could you please explain ??

Hi to everibody and thanks to have accepted me.
I'm Enrico and after years with pfSense I've started to use OPNsense since last year, til now succesfully, I'm not a rookie but surely I'm even not an expert cause there are always something to learn.

This is the question, I've configured an OPNsense 23.7.1_3 with a failover dual wan and all goes correctly, if the primary gateway goes down the system switch on the secondary and all the client behind the FW can continue to works. The only problem is the one for which I'm writing here, I explain.

I've a Freepbx in the LAN of the firewall with a SIP trunk connected to our cloud platform, when the primary goes down, from it I can continue to ping outside, make updates and so on, the only things that doesn't go is the SIP Trunk so I've made some checks and with a packet capture I noted that the request to register that the PBX sends to its gateway (the OPNsense above) are still managed by the primary gateway WAN even if it is down and not by the one 'active' like the other traffic.

Which may be the problem ? I really don't understand why only the SIP packets follow this flow while the other not.

Thanks for your support
Enrico