Messages

16

22.1 Legacy Series / ppp devices & pppoe not working

« on: November 16, 2021, 10:21:24 am »

Hello all,

i have recently updated to 22.1 BETA and upon reboot, the pppoe and ppp (usb 3g dongle) are not working. I have to manualy go to Interfaces->Devices, choose the device and just click on save, without changing any setting, so that they get an IP and connect to the provider.

17

21.1 Legacy Series / Info about business edition

« on: April 13, 2021, 01:17:18 pm »

Hello all,

since i show the announcement for the opnsense business edition, i am a home user, but i would like to know if the reliability improvements only, are going to be applied to the free version sonner or later, also.

Just asking so in case i will upgrade because some of them are important.

thank you in advance

18

20.1 Legacy Series / nat reflection & dual nat

« on: May 16, 2020, 11:34:04 am »

hello,

i would like to resolve a problem with this setup:

Router with PUBLIC IP x.x.x.x , LAN ip 172.16.99.1 and DMZ to ip 172.16.99.2 ------ opnsense with wan ip 172.16.99.2 and lan ip 192.168.1.1.

Port forward on opnsense NAT firewall with destination wan ip address port 5001 and nat to port 5000 of internal ip 192.168.1.10.

From outside networks port forward working correctly. From the inside using wan public ip x.x.x.x (dynamic) nat reflection not working.

Nat reflection enabled on firewall settings and at the nat rule.

Is there need for an outbound rule or something?

Thanks

19

20.1 Legacy Series / Re: Port forward with WAN private IP

« on: May 15, 2020, 09:12:58 pm »

Regarding wan nat reflection i have this setup:

Router with public ip x.x.x.x and lan ip 172.16.99.1 and dmz to ip 172.16.99.2 ------ opnsense wan ip 172.16.99.2 and lan ip 192.168.1.1

Port forward on opnsense destination wan ip address port 5001 nat to port 5000 internal ip 192.168.1.10.

From outside networks port forward working correctly. From the inside using wan public ip x.x.x.x (dynamic) nat reflection not working.

I have nat reflection enabled on firewall settings and at the nat rule.

Thanks

20

20.1 Legacy Series / Re: Port forward with WAN private IP

« on: May 15, 2020, 04:06:05 pm »

Hello,
in addition to this, why nat reflection from internal lan to wan ip (public ip) behind double nat is now working correctly (very slow/not loading)?

mainly in different ports redirected (ex. port 5001 wan (behind double nat) to port 5000 internal )

is there something else to check?

21

20.1 Legacy Series / dyndns with dual nat

« on: May 10, 2020, 04:52:20 pm »

Hello all,

I recently setup a dhcp wan connection behind NAT. The strange problem is with dynamic dns.
The dyndns gets the internal ip 172.x.x.x and not the real wan ip. It is strange that i have also a 3g wwan connection in the same setup that also gets a private range ip 10.x.x.x but if i choose this interface for the dyndns it correctly picks the public wan ip. The problem is with the wan.

When i run curl -4 url (and any ip site like checkip ecc). It shows the correct wan ip.
Why the opnsense client only for this interface shows the internal ip?
What can be the cause of that?

Thank you

22

20.1 Legacy Series / question "system: add data length option to gateway monitor settings"

« on: May 01, 2020, 04:23:48 pm »

Hello to everyone one.
I would like to know if someone can help, since i have a multi wan setup, on ow to better use and what the purpose of packet size in the gateway monitoring system instead of leaving default.
What can change depending on the packet size?

Thank you in advance.

23

20.1 Legacy Series / Re: pppoe passhtrough - packet loss

« on: April 27, 2020, 03:15:25 pm »

*Update*

One thing regarding my packet loss problem, what i noticed in my configuration (i use multiwan setup),
is that the packet loss on my pppoe interface occurs only when i give priority to the pppoe gateway as default gateway. (All 3 gateways are chosen as upstream ones)

If i give for example priority 253 to pppoe gateway and 254 to the wan2 and 3gwwan gateways, i have the packet loss, if i leave all at the same priority no packet loss to my pppoe wan connection (the faster one) occurs.

The problems is that leaving all at the same priority, the opnsense default gateway is chosen randomly and sometimes the 3g wwan gateway becomes default and uses many data, that i don't want too.

Thank you.

24

20.1 Legacy Series / Dynamic gateway policy

« on: April 24, 2020, 06:00:27 pm »

Hello all,

could someone please explain me this new option in the interfaces configuration:

Dynamic gateway policy    
This interface does not require an intermediate system to act as a gateway
If the destination is directly reachable via an interface requiring no intermediary system to act as a gateway, you can select this option which allows dynamic gateways to be created without direct target addresses. Some tunnel types support this.

I use pppoe and 3g wan-usb ppp with dynamic ip for wan , wireguard and openvpn.
In which case should i use it, i cannot understand "intermediate system" meaning.

Thank you

25

20.1 Legacy Series / Re: pppoe passhtrough - packet loss

« on: April 17, 2020, 11:10:13 am »

Just my 2 cents.

OPNsense's PPPoE performance is notoriously bad when you have a weak CPU. Probably this could explain your woes. What hardware do you run it on?

This is alas a FreeBSD legacy and also affects Pfsense. Even if you have capable NICs in the router, when the CPU is underpowered, PPPoE will suffer. Look up PC Engines APU2 related topics here, Pfsense issue 4821 or FreeBSD bug 203856 for examples.

I'd try a Linux-based distrib on the same hardware, like a current OpenWRT to see if the problem persists.

hi thank you for the reply.

I run my opnsense in a vm in proxmox with an Inter Xeon 1220 v6 as cpu.
in the past both with pfsense or first opnsense installations i never encountered this problem. It is something happening now.

I tried to use a windows pc making a pppoe call with the cable that goes to opnsense and i had no packet loss at all.

I am trying changing mtu mru values but nothing happens, packet loss continues.

26

20.1 Legacy Series / Re: pppoe passhtrough - packet loss

« on: April 14, 2020, 04:39:07 pm »

Just a thought... could it be an MTU related problem?

By the way, double NAT is not a problem. Here in Argentina I've installed a number of OPNSense boxes wid double NAT and work just fine.
The only problems I've found is that to do NAT reflection you have to create extra NAT rules, and if the ISP changes the public IP, which they usually do, could break some VoIP registers if you are using a PBX.
To open ports you just have to make a DMZ in the ISP router pointing to your OPNSense WAN IP.

hi and thank you for the reply.

i tried to lower the mtu, first 1492, then 1488 then 1480 and so on until 1430 but still had the packet loss.
the double nat creates problem to the outside clients connecting to vpn and voip server behind opnsense (since wan ip is not reachable).

I would like to avoid the isp modem doing the dmz and nating since i cannot set it to bridge mode, only way is pppoe passthrough.

27

20.1 Legacy Series / Re: pppoe passhtrough - packet loss

« on: April 14, 2020, 01:16:05 pm »

*UPDATE*

i changed from pppoe to dhcp (ip from isp modem / double NAT) and internet works without packet loss.

The problem is that with this way i have double NAT and no public ip to opnsense.

Could it be a problem with the pppoe of opnsense?

28

20.1 Legacy Series / pppoe passhtrough - packet loss

« on: April 14, 2020, 09:42:29 am »

Hello all,

i have a pppoe wan connection which makes the call through the providers vdsl modem.
The modem has it's own wan connection with ppoe passhthrough enabled so opnsense can make it's own pppoe connection.

The problem is that the pppoe connection on opnsense has packet loss 3-18% (which i see on the gateway monitor too) instead if i connect a pc to another lan port of the modem (through the modems pppoe connection) there is no packet loss.

I changed modem, i resetted it i changed ports, decreased MTU nothing.
Packet loss on opnsense pppoe connection persists.

The setup of the main wan connection through pppoe has remained the same for many months, this has starded lately with the last versions.

If someone with pppoe passthrough can test pppoe through passthrough, and tell me the results please i would be grateful.

Thank you.

29

20.1 Legacy Series / Re: 4G Connection Strength

« on: March 31, 2020, 02:17:57 pm »

Hello Pfirepfox,

I spent the last few days setting up 4G on my OpnSense machine. There is built-in signal strength metering available (at least with my Huawei E3372h USB 4G modem). Signal strength in the real world is measured using RSSI. If you go to Reporting -> Health there should be a tab called Cellular which shows a graph of the RSSI.

RSSI shown is using the scale that is retrieved using AT commands to the modem. These are not the absolute RSSI numbers. For an overview of RSSI values see https://m2msupport.net/m2msupport/atcsq-signal-quality/

Hope this helps.

Hi,

Can you tell me which at command setport mode you have the 3372h set on? Also in the status page and interfaces overview what you see as mode? Cause i have many crash problems with the same usb stick.
Than you

30

20.1 Legacy Series / Re: wireguard 3g wan & crashes on reboot/shutdown

« on: March 22, 2020, 10:08:56 am »

Hello all,

i have resolved temporaly the problem by disabling the gateway monitor at the wireguard and the 3g ppp gateway.

With gateway monitoring enabled to wireguard and/or 3g usb gateway, when i try to reboot or shutdown the firewall crashes.

If i disable monitoring on both gateways then i can reboot snd shutdown normaly.

If someone with similar setup can verify please so we can open a bug case.

Thank you.