Messages - Laytman

#1
25.1, 25.4 Series / Re: Eve-ng WAN access
July 23, 2025, 01:07:28 PM
Yeah, I tried all sorts of things while experimenting. I've already removed it, thanks :)
#2
25.1, 25.4 Series / Re: Eve-ng WAN access
July 23, 2025, 12:16:11 PM
Apparently, there was some kind of glitch 🤔 I noticed a strange display of the MAC address on the WAN interface vtnet0. Interestingly, it only appeared in the web interface — in the console, the address was shown correctly. I disconnected and reconnected it, but the issue persisted. Then I assigned vtnet2 to the WAN instead of vtnet0, and everything started working.

Thanks for the quick response and your attempt to help 😏
#3
25.1, 25.4 Series / Re: Eve-ng WAN access
July 23, 2025, 11:38:49 AM
Yes, in the same project, all other clients connected to the same Cloud are working fine.
This one cannot ping any host via WAN. Not even the gateway responds to ping. The OPNsense version is 25.1.
Let me describe the architecture a bit. The base is a PC running Linux with a VM configured via libvirt, running Eve-NG. Inside Eve-NG, the OPNsense instance is configured within the project. A bridge is created on the host PC. Around ten VMs are running via libvirt. Several networks are also configured and functioning within Eve-NG, so I haven't looked for problems in that area.

[Physical PC with Linux 192.168.30.164]
  └── br0 (bridge) → connected to physical network 192.168.30.0/24
      └── libvirt → VM: EVE-NG
           └── eth0 (inside EVE-NG) → gets 192.168.30.188 from the same network
               └── Cloud0 → bridged to eth0
                   └── VM: OPNsense → DHCP 192.168.30.198

LAN settings:
Static IPv4
IPv4 address: 192.168.1.1
All other fields are empty, checkboxes are disabled.

WAN settings:
IPv4 Configuration Type: DHCP
Override MTU: enabled
All other fields are empty, checkboxes are disabled, including "Promiscuous mode".

Attached is a screenshot of the console where you can see the WAN interface receiving an address. The last remaining part is the firewall rules after some experimentation.
#4
25.1, 25.4 Series / Dynamic DNS Record Updates
July 23, 2025, 10:38:48 AM
In OPNsense, the combination of Kea DHCP and Unbound has been chosen. By default, Unbound does not appear to support dynamic DNS updates directly. The goal is to configure automatic record updates.
With Kea DHCP, it's possible to trigger an external script using hooks (e.g., lease4_commit event). The idea is as follows:
  • receive new leases
  • update the Unbound configuration
  • restart Unbound with the new records

Perhaps someone can suggest a better solution?
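
An added example, not part of the original post and not OPNsense or Kea code: one way to do the "update the Unbound configuration" step from post #4 while treating DHCP hostnames as untrusted, since they are supplied by the client and end up inside a quoted config string. The zone `lan`, the reserved name `opnsense` and the function names are assumptions; how the hook script receives the lease data and where the fragment is written depend on the deployment.

```python
import ipaddress
import re

# A single DNS label: a-z, 0-9, hyphen, 1-63 chars, no leading/trailing hyphen.
LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")

def safe_label(hostname):
    """Reduce a client-supplied hostname to one validated label, or None."""
    host = (hostname or "").strip().lower().rstrip(".").split(".", 1)[0]
    return host if LABEL.fullmatch(host) else None

def render_fragment(leases, zone="lan", reserved=("opnsense",)):
    """Build Unbound local-data lines from (hostname, address) pairs.

    Invalid names are skipped, reserved names cannot be claimed by a
    client, and the first lease to claim a name keeps it.
    """
    claimed = {}
    for hostname, address in leases:
        label = safe_label(hostname)
        if label is None or label in reserved or label in claimed:
            continue
        try:
            claimed[label] = ipaddress.IPv4Address(address)
        except ValueError:
            continue  # malformed address: drop the lease
    lines = ["server:"]
    for label, ip in sorted(claimed.items()):
        fqdn = f"{label}.{zone}."
        lines.append(f'  local-data: "{fqdn} IN A {ip}"')
        lines.append(f'  local-data-ptr: "{ip} {fqdn}"')
    return "\n".join(lines) + "\n"

# Constructed sample leases (not taken from the thread).
SAMPLE = [
    ("laptop", "192.168.1.50"),
    ("Printer.office.example", "192.168.1.51"),
    ('evil"\n  forward-zone:', "192.168.1.66"),  # config injection attempt
    ("opnsense", "192.168.1.67"),                # tries to claim a reserved name
    ("laptop", "192.168.1.68"),                  # duplicate claim, ignored
    ("tablet", "not-an-ip"),
]

if __name__ == "__main__":
    print(render_fragment(SAMPLE), end="")
```

Only the two well-formed, non-conflicting leases produce records; the fragment can then be written to a file that Unbound includes before the restart step.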
#5
25.1, 25.4 Series / Eve-ng WAN access
July 23, 2025, 09:53:00 AM
Hi, 2All.

OPNsense has been set up in EVE-NG. One WAN interface is connected to the Cloud (Management Cloud0), and the other LAN interface is connected to a Mikrotik switch that leads to the local network. The WAN interface receives an IP address via DHCP. The local addressing is 192.168.30.1/24.

However, packets do not go out to the internet, nor can they reach OPNsense from outside. Other PCs are connected to the same Cloud and work fine. I suspect the issue is with the firewall settings.

In the WAN interface settings, I disabled Block private networks and Block bogon networks. I assume the problem might be in the default rules, but I cannot edit them. I created allow rules, but still couldn't achieve the desired result. SSH access from outside also doesn't work, even though I created allow rules for it.

I also tried disabling the packet filter entirely, but that didn't help either.

Could you please advise what the issue might be? I can't even update the system.