Topics

1

General Discussion / Multi-WAN Setup

« on: August 28, 2024, 05:35:29 pm »

I have a simple OPNsense system. One LAN, one WAN connected to a cable modem.  My ISP is not very reliable and I want a backup connection for a critical host.  I intend to add a 4G modem as WAN1 and follow the directions in the documentation for a multi-WAN setup.  However I only want the one host to fallback to the 4G connection.

In "Step 4 - Policy based routing" it says to change the default LAN pass rule to add the WANGWGROUP as the gateway.  Instead of this I intend to add another rule above this whose source matches my critical host and assign it the WANGWGROUP. 

Will this work?

2

23.1 Legacy Series / IPv6 Failing on 23.1.1_2

« on: March 02, 2023, 02:43:53 am »

I have just upgraded from version 22 (22.7 I think) and am getting routing error messages every few seconds of the form "cannot forward from fe80::ca56:4eae:27be:12b0 to ff02::1:3 nxt 17 received on em2".  To setup IPv6 on version 22 I enabled it on all interfaces and on the firewall then set the LAN to Track Interface . . . I think!  That worked well on version 22, can anyone help solve the problem on version 23? 

3

22.1 Legacy Series / WAN interface fails

« on: July 31, 2022, 07:58:45 pm »

I have a two Opnsense systems, one connected to an AT&T VDSL gateway and the other an Xfinity cable gateway.  Periodically the WAN interfaces or each one fail, this seems to be linked to when the provider resets their gateway and/or updates the public IP address.  Both Opnsense systems are setup up in their gateways' DMZ.  It appears that the gateway goes down for a few minutes, usually in the middle of the night, that breaks the WAN/internet communication but Opnsense does not recover when the internet comes back up.  Rebooting Opnsense cures the issue.  One system is in Chicago and the other in Boston but I can only be in one place at a time, hence this is a problem!

As this is the same behavior on two different gateways, I am thinking it is an Opnsense issue.  Any thoughts on where I start looking?

4

General Discussion / Firewall Rule Processing

« on: April 10, 2021, 03:05:08 pm »

I have a question on how the firewall rules are executed. 

I use a NAT Port Forward to redirect DNS requests from selected devices (using an alias) on my LAN to an external server of my choice.  That automatically creates a firewall rule to pass the traffic to the external server.  I also want to setup a failover group but leave those devices using the default WAN0, so I have another firewall rule to pass traffic from those devices to WAN0 gateway.  I cannot combine those two rules as I cannot edit the rule linked to the NAT Port Forward.

If I set "Quick" only on the last rule, will both of those rules be executed on a match?

5

General Discussion / DNS Redirect

« on: February 28, 2021, 11:26:26 pm »

I am looking for help on how to redirect DNS requests to an external server of my choice.

I have a couple of devices that are hard coded to Google DNS servers.  I can catch those requests with a Port Forward and redirect them to 127.0.0.1 and use Unbound to send them to, for example, OpenDNS.  However that means all of my devices now use OpenDNS, I have tried using the external server IP in the Port Forward instead of  127.0.0.1 but it still redirects to Unbound.

I want to use Unbound to service most of my LAN but redirect a couple of devices to a different DNS server.  Any thoughts on how I do that?