Topics

1

18.1 Legacy Series / Nat 1:1

« on: July 05, 2018, 03:40:11 pm »

Hi all,

I've been waiting to upgrade to 18.1 because i suffered many issues in the past with "early updates".
Some days ago i've finally decided to upgrade my opnsense from 17.7 to 18.1.11 (11 seems to be a minor number quite nice where many things are fixed)....

Then after the upgrade... baboom.. everything seems to be working BUT no NAT 1:1.
I have a public ipv4 subclass from my provider, and have some servers in the DMZ, so I have a Nat 1:1 mapping for all of them. Eg:

x.x.x.150 <-> 192.168.10.150

and in virtualip the ip x.x.x.150 is added (proxyarp).  In 17.7 is working perfectly, but in 18.1.11 (in theory is the same config!, i've already restored the config dump many times...) is not.

Any advices that what could be happening?
Thanks in advance

2

17.1 Legacy Series / 16.7.14 -> upgrade to 17.1 - VPN multiwan broken

« on: February 02, 2017, 11:38:18 pm »

Hi,

We have an opnsense running with two WANs, one of them has the default gateway for all services and internal machines. We configured it with the OpenVPN binding to "Localhost" and the Nat redirect trick as stated here:

https://doc.pfsense.org/index.php/Multi-WAN_OpenVPN

Before the upgrade users can connect to any WAN interface, but after the 17.1 one of the WANs doesn't work anymore.  We still can connect to the VPN via the WAN that has the default gateway, but if we try to connect via the another address/wan, the packet arrives to the interface (we can see with tcpdump inside opnsense), but the response never goes out, and we see that openvpn server in opnsense throws this error multiple times:

Feb 2 23:22:25   openvpn[38459]: xx.xx.xx.xx:yyyyy write UDPv4: Can't assign requested address (code=49)

where xx.xx.xx.xx:yyyyy is the client ip/port trying to connect.

Can you give me some advice?
Thanks in advance