Messages - GentlemanJimStacey

#1
Yeah, I've noticed that!  ;D

Yeah, I installed the Realtek plugin and it still gave me issues. But I think I should be good to go now!
#2
EDIT: Much to my embarrassment as a DevOps Engineer who should have known better... I restarted the machine, and it started working just fine. Though to be fair, it shouldn't have exhibited that behavior all of a sudden! Hahaha


I've seen posts similar to this on these forums, but it seems like the solutions they've recommended haven't worked for me.

Essentially, I have a webserver at 192.168.0.50 in LAN. My OPNSense firewall is the internet gateway and it's at 192.168.0.1. I've set up port forwarding so that WAN access to port 80 and port 443 are forwarded to 192.168.0.50, and I've changed the ports associated with my firewall GUI to others, so as to not cause any potential conflict there.

Anyone from the outside can visit "mydomain.com" just fine, receive certs, TLS, etc.
But when I try to access "mydomain.com" from my internal network (i.e. my PC at 192.168.0.110 trying to connect to mydomain.com), it fails saying "Connection Timed Out".

I do have NAT Reflection and automatic NAT outbound rule creation enabled. I also have IDS and IPS active, though haven't downloaded any rule sets, or anything like that. I also tried the DNS Override through Unbound DNS, but either I didn't do it right, or it didn't work either.

Any ideas?
#3
Decided to post a reply saying that the issue, though still not technically solved, is solved on my end because I bought new hardware.

I'm assuming the issue is something to do with the combination of the Dell machine, the Realtek cards, and the version of FreeBSD / OPNSense, as the new machine I have is using Intel I225-V interfaces, and everything works perfectly now. YouTube and Google Play Store work nicely, and my download speeds are still 1 GB everywhere else in my network.
#4
I just set up my firewall to block traffic from my LAN to anything IPv4/IPv6 UDP port 443 or port 80. Still have the issue. :/ But let me know if that's not how I should do it / if there are any other steps needed. 
#5
See, and I was wondering if it being my Realtek cards was a possibility, but why would it be JUST Google things? Super weird. I planned on trying out a different card for testing purposes, but would ideally like to have it confirmed before I go buy a new card.
#6
Just wanting to bump this, as it's actively problematic, and would be nice to try to diagnose with folks who are more familiar with OPNSense than me!
#7
I've recently created an OPNSense box. Specs:

Dell OptiPlex 7050
CPU: i5-7500
SSD: Lexar 512 GB 3000 MB/s
RAM: 8 GB (2x4) DDR4 2133
NICs: 2x Realtek RTL8125B (I know Realtek isn't the best, especially with OPNSense, but they seem to work for basically everything).

So, the issue I'm having is strange. The reason I posted in the Hardware and Performance subforum is because I'm wondering if my Realtek cards have something to do with it? No idea why they would, but I know they are buggy with OPNSense (and like all other appliance firewalls. Lol)

Basically, everything in my home network works fine, aside from YouTube and the Google Play Store (and possibly other Google apps - I haven't checked yet).
Any Apple products we have, download from their App Store perfectly fine. My desktop, which is hardwired, downloads from Steam at 100+ MB/s. However, playing YouTube videos and downloading from the Google Play Store are a huge struggle (wired, and wireless). YouTube videos constantly buffer, and switch back and forth between low and higher resolution, and downloading from the Play Store when my phone is connected to my WiFi is in the range of like 50 Kb/s.

Now before you ask if my WiFi is having issues, it's not. And again, before you ask if maybe my ISP is having issues... they're not. I did not have these problems at all until I switched to the OPNSense box as my main router/firewall. My phone runs a 300 Mb/s speed test, and my home internet is 1 Gb/s. And I have this problem on both my wired, and wireless devices. JUST YouTube and Google Play Store are slow.

Any ideas?
#8
Yeah, I thought about doing that, but I saw in the forum rules that if a forum contains content you're searching for, to comment on that instead of creating a new one. However, you're right. The YT/Google issues are a side issue to my original question, which has been resolved. I'll go ahead and see what I can do about marking this as done.
#9
The "old router" is just for my IoT network. It does DHCP and NAT inside of my current network, but for its own network. So essentially, inside my main network, I've got my old router plugged in with the WAN port, so it gets an IP address from the OPNSense DHCP server and treats that IP address as its WAN IP for its network, and does NAT to translate between that IP and its own "internal" network.

Regardless, that's not what is causing the YouTube and Google slowness issue I'm encountering, as YouTube and Google were performing poorly as soon as I switched my network to my OPNSense box, rather than having my entire network go through my previous router. I'm wanting to determine why OPNSense is causing slowness with ONLY those things - YouTube, and Google Play Store. What a random group of web applications to have problems with.
#10
Not sure if this is "allowed", but I haven't gotten a solution to my YouTube and Google Play Store slowness issue yet, even though absolutely everything else works perfectly fine. So I guess... bump? Lol
#11
Hmm. Well so the issue isn't coming from my old router. The connection between my old router and my IoT devices works perfectly fine, so that issue is more or less resolved.

The "Issue 1" I subsequently mentioned was the weirdness of Google Play Store and YouTube not working properly (i.e. loading suuuper slowly) on my network. But what's weird is that everything else works fine on my network. Apple devices download from their app store just fine, I can download from Steam on my desktop perfectly fine (like 100+ MBps) but all devices struggle to load YouTube, including hardwired ones. It does eventually start to more or less work, but does take a few minutes of "lagginess" to figure itself out. And of course, my Google Play Store is just always slow (I'm talking like the 50 Kbps range) on Wifi. But my phone gets like 300+ Mbps in SpeedTest, and my internet service from my ISP is 1 Gbps, so I don't have any speed issues.

The reason I believe it's "something" to do with my OPNsense box - whether that's hardware, software bugs, or configuration, is because it worked perfectly with my old router. When I switched to my OPNsense box, I started to notice these behaviors.
#12
Yeah, sure!

Network is set up as follows:
(-> is wired, --- is wireless)
Internet -> OPNsense -> mainSwitch -> basementSwitch -> oldRouter --- IoT Wifi Devices

From my main switch, I also branch off, like so: mainSwitch -> upstairsSwitch -> my desktop, Mac work machine, laptop

YouTube, and Google Play Store are slow on all devices I've used, but the Apple App Store works fine.
#13
I ended up going a different route for my initial main issue. I basically just found an old router and am using that as my "IoT" network, and have disabled the feature on my Deco App, since it was causing more issues than it was worth.
However, there are two issues remaining:

Issue 1:
As mentioned in my first message, for some reason, Google specific apps are incredibly slow (Google Play store on my Android phone is literally a snail's pace, until I disconnect from WiFi, and YouTube is suuuper slow too)

New Issue 2:
I'm wondering how I can block the access from my "IoT" network to the web GUI of OPNsense? I've tried creating an alias, and a firewall rule to block all incoming traffic from the IP that is assigned to the IoT router (the alias / source), to "This Firewall" as my destination, but that doesn't seem to work properly.
#14
EDIT: SOLVED. Issue 1 I ended up solving on my own (sort of - I just used an old router as my IoT network instead). I'm going to create a new thread for issue 2.

Forgive me, for I am a noob with OPNsense firewalls (or firewalls in general, other than simple things like port forwarding, etc.)
I have two TP-Link Deco XE75s as my WiFi Access Points, but connected to a switch that is connected to the OPNsense Firewall machine.

Essentially it goes Internet -> OPNsense Firewall/Router -> Switch -> Switch -> TP-Link Deco

Oh, my firewall is using Realtek RTL8125B NICs, which I know are not the best, but they work reasonably well for my network, aside from this issue that I've recently discovered. (And they explode when IDS/IPS is enabled.)

Issue 1:
I noticed what I feel like is a bug / incompatibility between OPNSense and the TP-Link Deco IoT Network. Essentially, my TP-Link Deco app can create three networks: Home network, Guest network, and IoT network.
I have my home network at 192.168.0.1/24. The TP-Link Deco creates a "separate" network, although it receives IP addresses from the DHCP server on the OPNsense router. So my desktop could be 192.168.0.12, and a device on the IoT network could be 192.168.0.110, etc.

What I noticed is that, specifically with ethernet devices such as my desktop PC, if I have the IoT network enabled in the Deco app, my desktop computer with ethernet, works properly until it goes to sleep. Once it wakes up, it no longer connects to the internet or anything on the local network, and eventually shows as "Not Connected".
Oh, I should note that all wireless devices continue to work just fine - because of this, I use my phone to perform step number 1 below, as my desktop no longer connects to the network.

There are two ways to temporarily fix it (but it dies again every time I let my PC go to sleep and wake it)
1. reboot the router, or
2. disable the IoT network in the Deco app. If I turn on my PC and it's not working, I disable the IoT network, and after 30 seconds or so, my desktop resumes normal function.

Naturally, I'd prefer not to have to do either one of these things EVERY time I wake my PC from sleep, and I'd like to keep the IoT network functional.

Issue 2:
For some reason, Google specific apps are incredibly slow (Google Play store is literally a snail's pace, until I disconnect from WiFi, and YouTube is suuuper slow too) - on all devices in my network, both wired and wireless.