Laptop & Managed Switch (TL-SG10) & VLANs

Started by z0rk, January 16, 2023, 01:03:30 AM

January 27, 2023, 12:36:48 AM #15 Last Edit: January 27, 2023, 12:41:40 AM by z0rk
Quote from: Demusman on January 25, 2023, 12:44:52 AM
Plug a pc into port 2 on the switch with a static address in the same subnet as the wan and see if you can ping it.

I was able to ping it.
Then I switched WAN back to DHCP, left the firewall disabled, and plugged my modem in. It instantly picked up a public IP address from my ISP.
OPNsense 24.7.2

Not sure about this but once you set the WAN back to dhcp, that probably enabled the firewall again.
You can check by running pfctl -e, it'll probably say it's already enabled. Again, not sure if that enables it but any change in rules does so that may also.

You didn't say what type of internet. If you have a cable modem, you will have to power cycle it anytime you change the directly connected device.
I wonder if your dhcp lease expired before you plugged the laptop back in and that's why it worked now. If you get a public IP there shouldn't be anything blocking that in the firewall.

Obviously, if it isn't already, reenable pf and see what happens.

Quote from: Demusman on January 27, 2023, 01:47:16 AM
Not sure about this but once you set the WAN back to dhcp, that probably enabled the firewall again.
You can check by running pfctl -e, it'll probably say it's already enabled. Again, not sure if that enables it but any change in rules does so that may also.

That would make sense as a best practice security measure. Also, after I switched back to DHCP I didn't power cycle the modem; I only re-seated it back into port 2 and it picked up an IP immediately.

Quote from: Demusman on January 27, 2023, 01:47:16 AM
You didn't say what type of internet. If you have a cable modem, you will have to power cycle it anytime you change the directly connected device.

It's a cable modem. Generally speaking I found this to be true, but not always, e.g. after I disconnected the modem from the switch I re-seated it back into my production OPNsense box and it picked up an IP without the need to power cycle.

Quote from: Demusman on January 27, 2023, 01:47:16 AM
I wonder if your dhcp lease expired before you plugged the laptop back in and that's why it worked now. If you get a public IP there shouldn't be anything blocking that in the firewall.
Obviously, if it isn't already, reenable pf and see what happens.

Possibly, I should have taken note of the IP. First I thought it was maybe related to a firewall rule as well, but I went over my WAN rules and they're identical to the rules of my production machine.
The next thing I'll try is to power cycle the modem and this time I will wait longer to see if it picks up an IP. Maybe I just didn't wait long enough.

Thanks!
OPNsense 24.7.2