Messages

Thank you very much for your responses. Thanks to your advises I could found the problem.

[SOLVED] The problem was that at System - Settings - General, I had selected the option "Allow DNS server list to be overriden".

In the interfaces - Diagnostics - DNS Lookup I could not resolve, so the problem was the firewall itself.

There has been a cluster of circumstances because I had an old router as access point to the LAN port and it had configured a default dns server. So some tests were working and others didn't.

Once I have this is working I can migrate my network to the firewall.

You are the best. Best regards. Have a good day.

Hello everyone. I've been spending some time over the past few weeks trying to configure a firewall. My goal is to remove the router provided by my internet company by connecting the firewall to my ONT. They have provided me with the credentials, including username, password, and VLAN (20) in this case.

The WAN wasn't a problem. First I had to configure a ppoe conection in my WAN. After that created a new vlan (20) with parent device the WAN device.
In the assignments option I assigned the new vlan created into the WAN interface. In the WAN interface option I had to add again the user and password.

After a while I was obtaining a public IP (seen in the dashboard) and I could update the packages.

In all the tutorials I see a guy launching a browser and saying: well, we have access to internet. But that is not my case.

I thought it may be caused because my devices are not in any VLAN. So I created a permisive rule

ipv4 (I only use ipv4), source any, destination any, gateway WAN_GW (the only one and active in system-gateway-configuration).

In the NAT -> Outbound -> Automatic outbound set to true.

In system -> settings -> general, I have configured to dns servers

                   1.1.1.1  use gateway:   WAN_GW (active one)
                   8.8.8.8  use gateway: none (a different option just to see if it works)

I can ping 8.8.8.8, but I cannot resolve domains.


I have also tested to include in the LAN interface dns servers like 8.8.8.8, 8.8.4.4  Without much criteria, changing options just in case there's luck.

I also tried new rules in the WAN interface to allow all incoming traffic and outcoming traffic just in case, but no luck.

This is a particular configuration. The WAN using pppoE in a vlan. Maybe I am doing something wrong, but the WAN is connected to internet, so I have assumed this is right.

I'm running out of ideas. Another alternative is to use my company's router in bridge mode, but this would be my last option.

Any suggestions will be welcome. Greetings.

Creo que el problema puede venir porque lo virtualicé usando proxmox y las interfaces de red no están marcadas como vlan aware.

He intentado borrar el post porque lo creé en un momento de desesperación  y me expliqué fatal. Voy a intentar hacerlo de forma nativa a ver si me funciona.

¿Alguno sabe cómo borrar un post?. No he sido capaz de ver como.

Hola a todos. Soy nuevo usuario de Opnsense y me he visto diversos videos y leido documentación.

Mi objetivo era reemplazar el router de Digi y gestionar mi seguridad.

Dentro de opensense he podido configurar mis interfaces WAN y LAN. La interfaz WAN utiliza PPOE dentro de una vlan 20 para acceder a los datos de DIGI.  Lo tengo bien configurado porque aparece la ip pública en el dashboard
y puedo actualizar los paquetes desde la GUI del firewall.

La interfaz LAN tiene IP 192.168.1.1.   

Configuré el servidor DHCP para el interfaz LAN y conectado a este he podidio obtener una dirección ip en el rango de la subred 192.168.1.0/24  -> 192.168.1.50.

Todo parece que va bien pero no soy capaz de salir al exterior.  No se si por el hecho de estar el WAN en vlan 20 necesita hacer algo adicional por mi parte. He visto que por defecto hay una regla para tener salida al exterior, por lo que ya me surgen dudas. No se si es un problema de configuración y me falta algún parámetro del que no soy consciente.

Creé una regla en LAN para que pueda salir al exterior, pero me dió la impresión de que por defecto ya existía una regla.

Agradezco mucho las ideas que me puedan dar porque estoy atascado en este punto. He adjuntado algunas capturas de cómo lo he configurado, aunque no se si el problema vendrá por este lado.

Un saludo y gracias de antemano.