Topics - halianelf

1
18.7 Legacy Series / Can't Access GUI on Secondary
« on: September 12, 2018, 01:23:38 am »
I have a pair of firewalls and a really weird issue. I'm basically never attached to my LAN. I either use the public IP that has a rule to only allow specific IPs or I'm coming across a VPN.

My primary works fine. I can access it both across the tunnel or using its public. My secondary, I can't, except coming from my VM I used for testing that's on the LAN. Even if I put the primary in persistent maintenance mode, it doesn't work on the CARP IP either.

I enabled logging on the rule that I have allowing traffic from the WAN, and the log shows it being allowed, but all I ever get is "This site can’t be reached x.x.x.x took too long to respond." So at this point I'm at a loss as to what's causing it. It was working fine until I had it reboot (through GUI) because it was giving an error checking for updates yesterday.

Version: OPNsense 18.7.1_3-amd64

2
18.1 Legacy Series / IPSec Supernet
« on: June 25, 2018, 12:24:55 am »
I have an HA pair of OPNsense firewalls and an IPSec tunnel set up between it (local) and home (remote). The tunnel runs to an Ubuntu server running StrongSwan. On the local side I have a /24 broken down into a couple of /27s and a /25, so I just summarized it as the /24. The tunnel is up and active, and if I initiate the traffic from the remote side, everything works as expected. If I initiate it from anything local, it doesn't. Running packet captures, if I start a ping from the remote side, I see it on the IPSec and local interfaces, but if I do it from the local side, the packet capture shows it on the WAN interface. Is there something I'm missing to get this to work this way?
