Messages - buecker

#1
Thanks for the help. It is working now.

I had 3 parts I needed to change.


  • In the VPN server I had to add the site B LAN address range into the "IPV4 Local Network" field. I had it in the "IPV4 Remote Network" field.
  • In the S2S WireGuard I had to add my OpenVPN network 10.10.0.0/24 on both sides of the WireGuard PEER for allowed networks.
  • I had to add an allow firewall rule for the network interface on site B.
#2
Virtual private networks / Re: UPnP with Wireguard
December 26, 2023, 07:19:09 PM
I don't think you are going to find very many users who are trying to do anything with UPnP over VPN. If that is some plugin, you may want to try asking in a different forum.
#3
I have a working WireGuard site-to-site setup. I have a working OpenVPN setup at site A. However, I can't get the OpenVPN client that is connected to site A to see site B.

I have put the WireGuard and site B's addresses into IPv4 remote in OpenVPN. However, I can't even see anything bounce off the firewall. If the data isn't making it to the firewall, then what does that mean?
#4
Add me to the list.  My router has 6x* Intel I211-AT  with the latest updates.

I rebuilt it from scratch and did the bare minimum setup. Everything was good with the first few devices added to the switch, but then it went berserk when I added everything else. It especially didn't like my Intel NUC.

My 5-port Intel I225-V box with the latest OPNsense updates does not have this issue.
#5
General Discussion / Re: WAN Balancing Not working
April 22, 2022, 01:45:18 AM
Based on how many views here and how many threads on Reddit there seems to be a consensus that load balancing is challenging.  There must be an answer to this.  I have been battling these issues for many months and haven't found any definite answer. 

Failover works great; it is just the load balancing that refuses to work. I am in desperate need of load balancing, but when I do get this figured out I am posting as many screenshots as I can!
#6
I'm going to try and do a better job explaining my issue.

I have a multi-WAN setup.  I also have a group gateway setup for failover.  I have devices connected to my LAN.  One of those devices is another router.

Here is my problem: If I select any gateway other than "default" in the firewall, the other router stops working but the rest of my LAN devices work correctly.

I have tried many combinations of settings and am still stuck.  I have unchecked the "block private networks" on each of my WAN interfaces.

What am I missing?
#7
I upgraded to 21.1.2 last night to see if that would make a difference and as of this morning it still wasn't working.  I've also tested with and without that DNS firewall rule.  The problem isn't the firewall rule.  The problem has something to do with the multi-wan failover.

1. Failover is initiated and the router falls back to WAN2.
2. All devices except the 2nd router see the new gateway and it works accordingly.
3. The 2nd router shows the gateway as offline but I can still access the router. If I can access the router with the IP but I can't resolve DNS, I think my problem is still something to do with DNS.

In order to continue to troubleshoot, can anyone point me in the right direction? If the rest of the devices connected to the OPNsense LAN work and yet this router does not, it sure sounds like some odd setting that I am missing.
#8
Edited subject to better reflect my problem.

Multiwan works on everything except the 2nd router and devices sitting behind it. It is not just a DNS issue. Just switching the default LAN to all rule gateway to the multiwan group will cause it to fail. Just in case, I have even created a rule for the IP address subnet sitting behind the 2nd router.


old ->
I was following the instructions on how to set up a multi-WAN failover. One of the last things it says is to create a DNS rule.

Quote: This rule will utilize the gateway group for all traffic coming from our LAN network. This also means that traffic intended for the firewall itself will be routed in this (wrong) direction. That is why Step 5 is needed for our DNS traffic going to and coming from our DNS forwarder on the firewall itself.

I have a double NAT situation. The main router is running OPNsense. The router behind this one is the one that loses DNS when I enable the firewall rule that the above talks about. Why, and how do I get DNS to work on the 2nd router?