Topics

1

24.7 Production Series / WAN2 IPv4 stopped working, DHCP works, no ping

« on: October 31, 2024, 07:05:41 am »

I have 2 WAN interfaces, and this worked until a while ago fine. A few weeks ago it seem to stop working (I did not notice it :-(). I did not make any change to my config. I also tried to reboot and upgrade, but no difference.

The behavior I am seeing on WAN2 is as follows:
1) It comes up successfully after reboot
2) It gets a IPv4 and IPv6 address via DHCP successfully
    Renewing DHCP and running tcpdump, show I can do it continuously, so the uplink is fine
3) Initial ping in the system->gateway looks fine, a good RTT shown
4) After a few minutes it turns red and WAN2 is down for IPv4
5) IPv6 continues to work fine (with ping and traffic)

When I check the CLI, I see the routing correctly on WAN2:

root@opnsense:~ # netstat -rn | grep 192.168.178
192.168.178.0/24   link#3             U        vtnet2
192.168.178.164    link#4             UHS         lo0

But ping is failing with a weird error:

root@opnsense:~ # ping 192.168.178.1
PING 192.168.178.1 (192.168.178.1): 56 data bytes
ping: sendto: Permission denied
ping: sendto: Permission denied

Anybody has an idea how to fix this WAN2? Otherwise I can cancel my subscription for my backup WAN2 :-(

BTW, I cannot ping my own assigned IP via DHCP (it is the only device attached, so no duplicate IP anywhere):

root@opnsense:~ # ping 192.168.178.164
PING 192.168.178.164 (192.168.178.164): 56 data bytes
^C
--- 192.168.178.164 ping statistics ---
15 packets transmitted, 0 packets received, 100.0% packet loss

2

High availability / Multi-WAN failover not working?

« on: November 29, 2023, 08:38:36 am »

I have now 2 uplinks (1 fiber ISP and 1 coax ISP) and I am trying to configure the multi-WAN setup (https://docs.opnsense.org/manual/how-tos/multiwan.html and https://www.thomas-krenn.com/de/wiki/OPNsense_Multi_WAN), but it is not working.

My internet is connected as follows:
WAN - re0 (fiber ISP)
WAN2 - ue0 (coax ISP)

By default all traffic goes via the WAN and if I disable the gateway, it fails over successfully to WAN2.

Only when I try to simulate a failover, in the GUI all looks good and routing on OPNsense looks good too ... BUT the LAN connectivity never starts working via WAN2.

I used the following steps:
1) Ping from LAN e.g. IP 1.1.1.1 or 9.9.9.9 - WORKs
2) ifconfig re0 down
3) (wait 1 minute)
4) In the GUI WAN is down and WAN2 is active
5) OPNsense CLI shows default GW is now WAN2
6) Repeat step 1, but it FAILs
7) Checked the firewall log and I can see the ping is going out via WAN2 (ue0), but no response is received?

My configuration is in the images below, I think all looks according to the how-tos?

3

General Discussion / DHCP / client information via API?

« on: August 23, 2022, 08:31:05 am »

Currently I am running Unifi USG router and switching to OPNsense. I am using the Unifi API to retrieve the clients, from which I can determine if some new MAC addresses has entered my network (and notifies me). I cannot see an API option or anything else to get this type of information from OPNsense? Anybody an idea here?