Messages

Hi dseven,

it works again, you saved my day!!!g
I set the WAN interface (em0) from DHCP to "None" for both, ipv4/6. I removed (actually just disabled) the Gateways for WAN (DHCP & DHCP6) and (while at it) also enabled IPV6 on the VLAN Interface. The Gateway overview now shows the two gateways for the VLAN Interface (DHCP/DHCP6) as active, the two WAN Gateways as "defunct" and i can access the internet again.

I still stick with my "It used to work all the time...." but the problem is solved. I can now access the Internet and have the good feeling that the messy setup with VLAN and WAN both configured for IP has been properly cleaned up so that only VLAN is configured for IP.

Again, thanks a lot for your support.

Best,
D.

Hi dseven,

i trust your recommendation however this setup has been running since 2019. 4 NICs (wan, lan, wifi and DMZ, even though the last is not used). Additionally we have a running VPN Server to access the network from outside and which i am doing right now. And the network itself is part of a Site2Site VPN thus an additional OpenVPN Client interface. In 2021 i had to add the VLAN configuration. When creating a VLAN it requires me to specify the parent interface, so naturally i took WAN (which was configured for IP). Ever since then i see two different IP addresses for the WAN and the VLAN interface. However the VLAN interface is the one that is visible to the outside world, or said differently: When i do an "curl http://ifconfig.me" i see the VLAN IP.

Not being a network guy i tend to follow your advice (so going into the WAN interface configuration and changing "IPv4 Configuration Type" from DHCP to None. That is what i understand, or?

However, as said, the current setup has been running for years and i have done several OpnSense updates. And there never any issues. After rebooting it just worked out of the box.

I will give it a try, though.

Thanks.

Thanks for your response.

I suppose it was my (wrong) choice of words. My ISP requires a VLAN tag which i configured under devices/vlan (vlan config.png). It requires the WAN NIC (em0) as parent.

In the gateway section (gateways overview.png) i am able to select both of the gateways and activate the "Upstream gateway" to give it more priority. I also changed the priority number from 255 to 254 assuming that this will make OpnSense use those. Since this did change anything i restored it back to the initial configuration done by OpnSense. WHich has been working for quite some while now.

So, i checked the firewall rules and they all look fine. As can be seen in the live view the ping is passed.

I also checked the gateways after reading about a similar issue somebody had with an earlier release upgrade. I did set the VLAN and WAN interface explicetly to "Upstream Gateway" but this did not change the behaviour. I still can not access the internet, not from the LAN nor from the firewall host itself.
 

To add to this:

When doing a ping 8.8.8.8 i also see the proper entry in the Firewall Live views even though ping comes not to an end.

Yes, that was my first hope, that it could be a DNS issue. But ping does not work, as long as it running against external ressource.

Both WAN and VLAN interfaces have their respective IP addresses (which is of course expected since i can access the server from outside via VPN).

Nice image, btw.

D

Hi all,

i just upgraded to from 24.x to 25.1 and am seeing now that i do not have any outgoing internet access anymore. Not from any machine in LAN nor from the opnsense machine itself via console. I have a VLAN interface sitting on the WAN interface. Funny enough, I have a VPN server running on OpnSense and i can access it without any problems from outside. Also netshares on systems in the LAN are possible once i connect to the VPN Server. But every outgoing traffic is not possible. I run into timeoouts. So seems to be a configuration issue and not a hardware issue. I did not see any required manual settings in the release notes that would be required after upgrading and in the past all updates ran very smoothly with everything back online once done.

I do not really see any hints in the log file (except issues that are bound to the fact that outgoing traffic is not posibble) but then again i am not highly familiar with opnsense. Any hints where i should tend my attention to?

Any help much appreciated, thanks.

D.