FW rules to access APs

Started by papdee, April 23, 2020, 10:35:20 AM

Can anyone advise on the FW rules so I can get HTTP access to my openWRT APs?

1. I have the default LAN Net created on install of opnSense.
2. I created 3 SSIDs and put them on 3 VLANs. At this point no problem with accessing the APs.
3. I added access rules for DNS and TCP 8000-10000 and then isolated each VLAN with block rules. No problem with CP and gaining access to internet.
4. I try to connect to my first AP on LAN Net 192.168.1.2 and it simply reroutes me to opnSense on 192.168.1.1 webgui. I also tried pinging 192.168.1.2 but the packets go to opnSense instead of the AP. Other than this the AP seems to be functioning correctly.

So up to step 2 everything is kosher but after creating the rules my packets get redirected to opnSense.

I am stumped. Any ideas?

Ignore this. Sorry. My bad.

I looked at the ARP tables and saw 192.168.1.2 was assigned to the LAN interface. However, it doesn't show on the configuration page for some reason. Will remove the offending IP address manually.

Can anyone help me explain why the ARP tables are being polluted?

configuration:
192.168.1.1 -> opnSense (re0)
192.168.1.2 -> openWRT AP

ARP Table:
192.168.1.1 -> opnSense (re0)
192.168.1.2 -> opnSense (re0)

ifconfig re0 delete 192.168.1.2

reboot

ARP Table after reboot:
192.168.1.1 -> opnSense (re0)
192.168.1.2 -> opnSense (re0)

Help????

OK...my bad again...

There was a virtual IP on the firewall for 192.168.1.2 and so I deleted it.

I downloaded the backup XML file and did a search for all IPs and found it was configured for some reason by mistake. Next time will use this method instead of clicking through all the menu options looking for a mistake and not finding it.

Maybe a menu option to get a flat-file overview of every configuration would be handy.
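The approach described in the last post (searching the downloaded backup XML for every IP) can be scripted so each address is reported with the configuration section it sits in. This is an added example, not part of the original thread; the sample XML is constructed and its element names are assumptions, and the function names `find_ips` and `locate` are hypothetical.

```python
import ipaddress
import re
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample shaped like a firewall config backup. Element names are
# assumptions for illustration; point find_ips() at a real export instead.
SAMPLE_CONFIG = """<opnsense>
  <interfaces>
    <lan><if>re0</if><ipaddr>192.168.1.1</ipaddr><subnet>24</subnet></lan>
  </interfaces>
  <virtualip>
    <vip><interface>lan</interface><mode>ipalias</mode><subnet>192.168.1.2</subnet></vip>
  </virtualip>
  <dhcpd>
    <lan><range><from>192.168.1.100</from><to>192.168.1.200</to></range></lan>
  </dhcpd>
</opnsense>
"""

# Dotted quad not embedded in a longer number or dotted string.
IPV4 = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")

def _valid(candidate):
    try:
        ipaddress.IPv4Address(candidate)
        return True
    except ValueError:
        return False

def find_ips(xml_text):
    """Return {ip: [element paths]} for every IPv4 literal in the XML."""
    hits = defaultdict(list)

    def walk(elem, path):
        here = f"{path}/{elem.tag}"
        # Check both element text and attribute values.
        for value in [elem.text or "", *elem.attrib.values()]:
            for ip in filter(_valid, IPV4.findall(value)):
                hits[ip].append(here)
        for child in elem:
            walk(child, here)

    walk(ET.fromstring(xml_text), "")
    return dict(hits)

def locate(xml_text, ip):
    """List every config path where a given address is set."""
    return find_ips(xml_text).get(ip, [])

if __name__ == "__main__":
    for ip, paths in find_ips(SAMPLE_CONFIG).items():
        print(f"{ip:15}  {', '.join(paths)}")
```

An address that the ARP table shows on the firewall but that appears under an unexpected path (here a virtual IP entry) stands out immediately in the output.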