General Discussion / Static Routes Not Working [SOLVED]
« on: March 03, 2019, 01:20:46 am »
Hello. I've been using OPNsense for about a month now.
I have a very standard setup with only two interfaces (inside & outside);
and the standard firewall rules (to allow traffic from in to out with NAT).
Everything works fine, but I can't get the static routes to work.
I followed the documentation - created a new gateway - and then simply created a static route on the WAN/outside interface pointing to the next hop for the unique destination network.
It's a very simple and basic step, but it doesn't work.
I'm running the latest release (OPNsense 19.1.2-amd64).
When I run a traceroute from a host on the inside network for a device on the destination network which the static route is for, it still goes through the default gateway.
When I SSH into OPNsense and run netstat -rn, the routing table is correct - it shows the new static route.
However, even from ssh, I can't ping a device via the static route.
I don't know if I am missing something very simple or the OPNsense routing isn't working properly.
I'd appreciate it if someone else could test the static routing and confirm that it is or isn't working properly.
Can anyone do that?
Also, if anyone else has come across this problem and figured it out or not, it would be a big help if you could post your experience.
Thanks in advance,
A Sood
=== Solution for anyone else who is new to OPNsense and runs into the same problem ===
So the solution for me was to create another firewall rule to allow from the LAN subnets, with the destination subnet of the static route, via the desired gateway of the static route.
And it must be applied before the default LAN to WAN via default gateway rule.
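An added example, not part of the original post and not OPNsense code: a small Python model of why the rule order in the solution matters. It assumes first-match rule evaluation and that a gateway set on a pass rule overrides the routing table; all addresses and the names `route_lookup` and `next_hop` are constructed for illustration.

```python
import ipaddress

# Constructed sample addressing (not taken from the post).
ROUTES = [  # kernel routing table as (destination, next hop)
    ("0.0.0.0/0", "203.0.113.1"),       # default gateway
    ("10.50.0.0/24", "203.0.113.254"),  # the static route
]
LAN = "192.168.1.0/24"


def route_lookup(dst, routes=ROUTES):
    """Longest-prefix match: what the routing table alone would choose."""
    ip = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(net), gw) for net, gw in routes
               if ip in ipaddress.ip_network(net)]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def next_hop(src, dst, rules):
    """First matching pass rule wins; a gateway on the rule beats the table."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for rule in rules:
        if (s in ipaddress.ip_network(rule["src"])
                and d in ipaddress.ip_network(rule["dst"])):
            return rule["gateway"] or route_lookup(dst)
    return None  # no rule matched: traffic is dropped


# Before the fix: only the default LAN rule, pinned to the default gateway.
before = [{"src": LAN, "dst": "0.0.0.0/0", "gateway": "203.0.113.1"}]
# After the fix: the specific rule sits above the default rule.
after = [{"src": LAN, "dst": "10.50.0.0/24",
          "gateway": "203.0.113.254"}] + before
# Same two rules in the wrong order: the broad rule matches first.
wrong_order = list(reversed(after))

if __name__ == "__main__":
    print("routing table ->", route_lookup("10.50.0.7"))
    for name, rules in (("before", before), ("after", after),
                        ("wrong order", wrong_order)):
        print(name, "->", next_hop("192.168.1.10", "10.50.0.7", rules))
```

In this model the routing table picks the static route's next hop, yet the `before` and `wrong_order` rule sets still send the packet to the default gateway, which matches the traceroute symptom described in the post.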