"
My opnsense lan is 10.10.10.1
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#2
General Discussion / Re: Outbound Traffic Fails Without Allow-In Rule
Today at 05:21:06 AM
I forgot to mention that I already turned it off, but it still doesn't work :(
and thanks for your quick reply 😀
and thanks for your quick reply 😀
#3
General Discussion / Outbound Traffic Fails Without Allow-In Rule
January 29, 2025, 06:50:58 AM
Hello everyone,
I'm fairly new to OPNsense, so please bear with me if I'm missing something obvious. I'm experiencing an issue with Stateful Packet Inspection (SPI) that I don't quite understand. As far as I know, SPI should automatically allow return traffic for outbound connections, but in my case, it doesn't seem to be working.
My Setup:
ISP Router: 192.168.1.1
OPNsense WAN: 192.168.1.10 (placed in ISP router's DMZ)
OPNsense handles all internal routing and firewall rules.
The Issue:
Outbound connections work only if I have both an "Allow Any Any" Outbound Rule and an "Allow Any Any" Inbound Rule on the interface.
If I remove the inbound rule, all traffic stops, even though SPI should allow return traffic for established connections.
This happens on all interfaces, not just a specific one.
However, OPNsense itself can reach the internet (e.g., downloading plugins works).
What I've Tried:
Checked Firewall Optimization Settings: Set to "Normal."
Firewall Logs: Traffic gets blocked when the inbound rule is removed.
NAT Settings: Outbound NAT is set to Automatic.
Gateway Configuration: WAN gateway is correctly assigned.
Tested on Different Interfaces: Same issue everywhere.
I expected SPI to handle return traffic without requiring an explicit inbound rule. Since I'm still new to OPNsense, I might be overlooking something basic. Any help or guidance would be greatly appreciated!
Thanks in advance!
I'm fairly new to OPNsense, so please bear with me if I'm missing something obvious. I'm experiencing an issue with Stateful Packet Inspection (SPI) that I don't quite understand. As far as I know, SPI should automatically allow return traffic for outbound connections, but in my case, it doesn't seem to be working.
My Setup:
ISP Router: 192.168.1.1
OPNsense WAN: 192.168.1.10 (placed in ISP router's DMZ)
OPNsense handles all internal routing and firewall rules.
The Issue:
Outbound connections work only if I have both an "Allow Any Any" Outbound Rule and an "Allow Any Any" Inbound Rule on the interface.
If I remove the inbound rule, all traffic stops, even though SPI should allow return traffic for established connections.
This happens on all interfaces, not just a specific one.
However, OPNsense itself can reach the internet (e.g., downloading plugins works).
What I've Tried:
Checked Firewall Optimization Settings: Set to "Normal."
Firewall Logs: Traffic gets blocked when the inbound rule is removed.
NAT Settings: Outbound NAT is set to Automatic.
Gateway Configuration: WAN gateway is correctly assigned.
Tested on Different Interfaces: Same issue everywhere.
I expected SPI to handle return traffic without requiring an explicit inbound rule. Since I'm still new to OPNsense, I might be overlooking something basic. Any help or guidance would be greatly appreciated!
Thanks in advance!
Pages1
