Hi all,
I'm running a pilot OPNsense deployment on bare metal and encountered a problem related to LAN access.
Setup:
- LAN interface with a static IP and an upstream gateway (external router)
- WAN1 and WAN2 in different VLANs with static public IPs and gateways
- Web UI is accessed via the LAN interface
- LAN needs to route traffic through its own upstream router, not through WAN
Issue:
As soon as I assign a default gateway (e.g., WAN1) under System → Routing → Gateways, access to the Web UI over LAN breaks.
Even with a firewall rule like:
- Source: LAN net
- Destination: This firewall
- Gateway: default or specific
- Advanced: Disable reply-to → enabled
...the connection is lost.
Tried:
- Removing all default gateways — Web UI becomes reachable again
- Adding a static route for the LAN subnet via the upstream LAN gateway
- Testing different firewall rule orders and combinations
- pfctl -d does not restore access
Goal:
I want to maintain stable access to the Web UI via LAN (which routes through its own upstream router) while still having a default gateway active on WAN for general internet access.
Is there a correct or recommended way to achieve this in OPNsense?
Thanks in advance!