Topics

Hi, is it possible to use monit with configctl?
I have problems with my WAN Interface when my provider is changing the public IP. I have to reboot or disable and enable the WAN interface to get opnsense connected again.

Now I tried to configure monit with configtl and following commands to "restart" the WAN Interface

Start Service:

Code Select Expand

/usr/local/sbin/configctl interface reconfigure vtnet1; /usr/local/sbin/configctl interface linkup start vtnet1
Stop Service:

Code Select Expand

/usr/local/sbin/configctl interface linkup stop vtnet1

When I manually execute the command, the WAN Interface is online again, via monit it does not work. I can see in the log file, that monit ist executing the commands, but nothing happens.

Logfile from monit:

Code Select Expand

<30>1 2022-04-16T10:48:18+02:00 xx.xx.at monit 58983 - [meta sequenceId="8"] 'wan_check' stop: '/usr/local/sbin/configctl interface linkup stop vtnet1'
<30>1 2022-04-16T10:48:19+02:00 xx.xx.at monit 58983 - [meta sequenceId="9"] 'wan_check' start: '/usr/local/sbin/configctl interface reconfigure vtnet1; /usr/local/sbin/configctl interface linkup start vtnet1'
<28>1 2022-04-16T10:50:19+02:00 xx.xx.at monit 58983 - [meta sequenceId="1"] Ping request for 8.8.8.8 1/5 failed -- No route to host
<28>1 2022-04-16T10:50:19+02:00 xx.xx.at monit 58983 - [meta sequenceId="2"] Ping request for 8.8.8.8 2/5 failed -- No route to host
<28>1 2022-04-16T10:50:19+02:00 xx.xx.at monit 58983 - [meta sequenceId="3"] Ping request for 8.8.8.8 3/5 failed -- No route to host
<28>1 2022-04-16T10:50:19+02:00 xx.xx.at monit 58983 - [meta sequenceId="4"] Ping request for 8.8.8.8 4/5 failed -- No route to host
<27>1 2022-04-16T10:50:19+02:00 xx.xx.at monit 58983 - [meta sequenceId="5"] Ping request for 8.8.8.8 5/5 failed -- No route to host
<27>1 2022-04-16T10:50:19+02:00 xx.xx.at monit 58983 - [meta sequenceId="6"] 'wan_check' ping test failed
<30>1 2022-04-16T10:50:19+02:00 xx.xx.at monit 58983 - [meta sequenceId="7"] 'wan_check' trying to restart
<30>1 2022-04-16T10:50:19+02:00 xx.xx.at monit 58983 - [meta sequenceId="8"] 'wan_check' stop: '/usr/local/sbin/configctl interface linkup stop vtnet1'
<30>1 2022-04-16T10:50:20+02:00 xx.xx.at monit 58983 - [meta sequenceId="9"] 'wan_check' start: '/usr/local/sbin/configctl interface reconfigure vtnet1; /usr/local/sbin/configctl interface linkup start vtnet1'
<28>1 2022-04-16T10:52:20+02:00 xx.xx.at monit 58983 - [meta sequenceId="1"] Ping request for 8.8.8.8 1/5 failed -- No route to host
<28>1 2022-04-16T10:52:20+02:00 xx.xx.at monit 58983 - [meta sequenceId="2"] Ping request for 8.8.8.8 2/5 failed -- No route to host
<28>1 2022-04-16T10:52:20+02:00 xx.xx.at monit 58983 - [meta sequenceId="3"] Ping request for 8.8.8.8 3/5 failed -- No route to host
<28>1 2022-04-16T10:52:20+02:00 xx.xx.at monit 58983 - [meta sequenceId="4"] Ping request for 8.8.8.8 4/5 failed -- No route to host
<27>1 2022-04-16T10:52:20+02:00 xx.xx.at monit 58983 - [meta sequenceId="5"] Ping request for 8.8.8.8 5/5 failed -- No route to host
<27>1 2022-04-16T10:52:20+02:00  monit 58983 - [meta sequenceId="6"] 'wan_check' ping test failed
<30>1 2022-04-16T10:52:20+02:00 xx.xx.at monit 58983 - [meta sequenceId="7"] 'wan_check' trying to restart

Is it a permissions or environment problem ?!

Hi,

my WAN-Interface is configured to dhcp to get a public IP address from my provider. I use a LTE-moden in bridge mode. I think my provider change the address every 24hours and after the public IP has changed my internet connection is broken. Opnsense  switched the default gateway to offline because ping to 8.8.8.8 failed.

To get my internet connection online again I found two options:
* Reboot the complete system
* Start the script /usr/local/etc/rc.reload_interfaces

Is it possible to renew the IP address when the default GW is offline? Is there a existing function?

If not I will try to implement a script via cron.

like:

Code Select Expand

#!/bin/sh
/usr/bin/timeout 10 /sbin/ping -c4 google.com > /dev/null

if [ $? != 0 ]
then
  /usr/local/etc/rc.reload_interfaces
fi


thanks

Hi,

I migrated from a Ubiquiti Edgerouter to a virtual opnsense installation. Migration was successfully, edge router is powered off  ;) .  Now i configure some additional services, like DHCP, port forwarding, dyndns ....

Port forwarding works as expected (access from Internet), but from my internal LAN I cannot connect to  the forwarded ports. I used following manual to configure the "Reflection NAT

https://doc.pfsense.org/index.php/Why_can%27t_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks

My setup:
* opnsense latest version
* virtual machine with one network adapter
* I use VLANs to separate DMZ,WAN,LAN, GUEST an so on. This configuration is working fine.
* My WAN connection: I use a Netgear LTE Modem in router mode. WAN Interface is a static IP4 Address (192.168.5.100) and my default gateway is 192.168.5.1 (Netgear modem). Is this a problem? Should I set the modem to "bridge mode"?

I tried to set the "Filter rule association" to "Pass" but the connection i still not possible.

What can I do to find the failure?

BR, cnu80

PS: Is it better to use several network interfaces instead of a VLAN-trunk?