OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of mcon »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - mcon

Pages: [1]
1
General Discussion / Re: How to setup PPPoE on a new interface/WAN
« on: December 29, 2023, 12:54:54 am »
Thanks @cookiemonster,
unfortunately I blocked much earlier than that.

Before switching to PPPoE I tried a multiWAN using plain ISP modem/router.

I have the (perhaps unusual) situation where my two uplinks are both crippled in different ways.

GW1 is quite fast fiber, but has a "dynamic IP" (i.e.: my external IP changes every now and then, so it's uncomfortable way to get into my LAN/DMZ.

GW2 is slower ADSL, but has a guaranteed fixed IP I associated with my domain.

Situation is similar to [this question](https://forum.opnsense.org/index.php?topic=21158.0) and is not covered in `MultWAN` docs which seem to deal mainly with failover/load-balancing which I don't really need.

To recap:
- I am fine with a single outgoing GW (GW1)
- I need Port forwarding from both GW1 and GW2 (80, 443) to a single server on DMZ (`nginx` reverse proxy)
- problem is responses to packet coming from GW2 are sent back through GW1
- I have all rules in Firewall: Rules: BKP and Firewall: Rules: WAN with no explicit `Gateway`
- such rules seem not editable and I didn't find a way to force GW2 on BKP

General network diagram is:


I am obviously missing something, but I can't understand what.
I can provide the full (current) config if useful.

Many Thanks in Advance

2
General Discussion / How to setup PPPoE on a new interface/WAN
« on: December 28, 2023, 02:50:07 am »
I currently have a three interfaces setup: standard LAN+WAN+DMZ.
WAN is connected to a modem/router doing actual NAT and presenting itself to OPNsense as 192.168.1.1
This is working and I can do what I need.

Now I get a second line with much the same modem, but I should connect it in PPPoE on another Interface.
This second modem is supposed to give me a static public routable IPv4.

I tried setting it up, but I don't see any activity in the logs, so I must have missed some relevant setting.
Can someone tell me exactly what are the steps to setup a second WAN using PPPoE?
I was unable to find relevant documentation.
Notice I would like to avoid disrupting the currently working setup (which I'm using to write this, among other things).

Many Thanks in Advance
Mauro

3
General Discussion / Troubleshooting port forwarding to DMZ
« on: December 20, 2023, 03:26:09 pm »
I am having problems making my redirect working.

First of all I have a slightly unusual setup (comments welcome) as I have two asymmetric ISP connections, both with standard NATting modem/routers:
  • #1 (192.168.1.1) is fast fiber but it has "floating" external IP.
  • #2 (192.168.1.2) is slower DSL but has a fixed and routable external IP.
I installed OPNsense with standard three interfaces:
  • LAN (192.168.7.9)
  • WAN (192.168.1.9)
  • DMZ (192.168.9.9)
I (currently) have a single "webserver" on DMZ ( 192.168.9.8 ) carrying `nginx`.
Setup is to use #1 for normal operation and #2 as fallback (using Monitoring).
This seems to work from both LAN and DMZ; also DNS caching seems to work as expected.
#2 has full port redirection to OPNsense.
I further redirected ports 80, 81 and 443 from OPNSense to "webserver" and added  Unbound DNS: Overrides to shortcut LAN to "webserver".
I can access "webserver" from LAN, but not from Internet.
If I try to access it from outside I see redirection taking place and also packet going to DMZ, but nothing else:

Code: [Select]
DMZ 2023-12-20T15:16:48 109.52.98.12:58623 192.168.9.8:443 tcp let out anything from firewall host itself
wan 2023-12-20T15:16:48 109.52.98.12:58623 192.168.1.9:443 tcp rdr rule
DMZ 2023-12-20T15:16:48 109.52.98.12:58641 192.168.9.8:443 tcp let out anything from firewall host itself
wan 2023-12-20T15:16:48 109.52.98.12:58641 192.168.1.9:443 tcp rdr rule

I am at a loss on how to troubleshoot this.
I have no problems in sharing my current settings, if useful (on second thought I just attach it here ;) ).
Any hint would be greatly appreciated.

Note: I am a newbie to OPNsense and not really a net-guru so I might well have overlooked even the obvious.

Many Thanks in Advance
Mauro

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2