Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
22.7 Legacy Series
»
Converting from Cisco FPR1010 to OPNSense.
« previous
next »
Print
Pages:
1
[
2
]
Author
Topic: Converting from Cisco FPR1010 to OPNSense. (Read 4675 times)
fbeye
Full Member
Posts: 126
Karma: 1
Re: Converting from Cisco FPR1010 to OPNSense.
«
Reply #15 on:
January 26, 2023, 05:05:12 am »
8
Logged
fbeye
Full Member
Posts: 126
Karma: 1
Re: Converting from Cisco FPR1010 to OPNSense.
«
Reply #16 on:
January 26, 2023, 05:05:34 am »
8
Logged
lilsense
Hero Member
Posts: 600
Karma: 19
Re: Converting from Cisco FPR1010 to OPNSense.
«
Reply #17 on:
January 26, 2023, 11:50:42 am »
The least I believe that your picture 6 should be set to hybrid. as you do have NAT rules, and so whatever is selected is incorrect.
Logged
fbeye
Full Member
Posts: 126
Karma: 1
Re: Converting from Cisco FPR1010 to OPNSense.
«
Reply #18 on:
January 26, 2023, 04:22:30 pm »
Morning!
Thank you for the help. When I get home I shall do that. I was thinking, should I remove the .182 virtual IP as it is the main pulled IP by PPPoE from my ISP?
Logged
fbeye
Full Member
Posts: 126
Karma: 1
Re: Converting from Cisco FPR1010 to OPNSense.
«
Reply #19 on:
January 27, 2023, 02:33:28 am »
Evening.
Well, I did exactly as mentioned changing OUTBOUND NAT to Hybrid, and I also removed the VitrualIP x.x.x.182 as it was the default grabbed Router WAN.
But, to no avail.
I did notice that when using the default 192.168.1.0 Subnet (192.168.1.5 I.E) I could get on the internet all is well, but when I connect to my 192.168.5.0 Network, nothing.
P.S. - I wanted to mention, I did my 1:1 NAT as NAT, Not BINAT (if that makes a difference) and then I made NO NAT at all for my .182 (OPNSense WAN) to my LAN but as I said, on the default LAN I could get internet, but not through to my SG500X, So I wonder if I need another NAT for that.
So basically on my existing server;
PPPoE w/ Block of 8 Static IP's (6 usable)
LAN; 192.168.1.0
--I have an SG500X Cisco 48Port Switch that hosts a 192.168.5.0 Subnet which has a PBR back to the 192.168.1.0 Network via 192.168.1.2 GE 1/1 on the SG500X. So, 192.168.5.0 gets onto the Internet through the PBR to 192.168.1.2 which is on GE1/1 (as well) on the Cisco.
I am wondering if maybe my issue is a missing or incorrect configuration for data to go to/through the SG500X and back. As I mentioned, I created a static route '192.168.5.0/24 255.255.255.0 192.168.1.2' (not verbatim) and then OPNSense I made a Gateway 192.168.1.2 and added it to the IP Route configuration.
I mean, I suppose (but would greatly hate) to reconfigure my complete network all using 192.168.1.0 Network as I know by heart my hosts etc, and I know it's not terrible, but then I will always wonder how to actually do it this way, the way I want.
I had it this way before because I had wanted ONE Subnet for everything to be on, but had 2 ISP's with 2 PBR's, 192.168.5.2-192.168.5.128 PBR1 and then 192.168.5.129 - 192.168.5.224 PBR2. Though I removed my 2nd ISP, I left my network as is.
I have no issues changing my concept etc for something better, I am absolutely open to learn.
«
Last Edit: January 27, 2023, 04:54:55 pm by fbeye
»
Logged
fbeye
Full Member
Posts: 126
Karma: 1
Re: Converting from Cisco FPR1010 to OPNSense.
«
Reply #20 on:
January 28, 2023, 02:20:16 am »
Hello.
So I was thinking I jumped into some advanced (for me) configurations and wanted to go back to basics and build upon them as I go.
I set up my WAN to PPPoE and it grabbed the correct IP from my Block of Static IP's, so I did that right.
I set up my LAN as default, 192.168.1.0 and when I plug my PC in I get Internet access, so I did that right.
What I want to do, and correct me if I am wrong, is allow Internet access to my SG500X L3 Switch. On the Switch, GE1/1 is set to 192.168.1.2 (an IP from OPNSense) and I have a Network of 192.168.5.0. 192.168.5.0 gets on the Internet with a PBR via 192.168.1.2 which talks to 192.168.1.1 (On OPNSense) and will use it's WAN for Internet, x.x.x.182.
On Cisco, this is how I have it set and it works. I am assuming because 192.168.1.2 would be the same with Opn, I really do not need to change anything on the SG500X as the PBR is not changing... I also assume all I need on the OPNSense is a #1 Gateway such as 192.168.1.2 (5 Network is reached via 192.168.1.2) and #2 a Route to 192.168.5.0 using GW 192.168.1.2.
Naturally I am getting No Internet connection having it set up this way.. So I am missing something, which is probably the same something as before..But instead of trying to figure out all my virtual ip's etc I want to see in the least why 192.168.5.0 does not get Internet.
I want to do baby steps before I get all advanced.
Also, at this stage NO NAT or Firewall Rules or Outbound has been changed... I did change to hybrid outbound but to no avail.
Logged
lilsense
Hero Member
Posts: 600
Karma: 19
Re: Converting from Cisco FPR1010 to OPNSense.
«
Reply #21 on:
January 28, 2023, 05:37:14 pm »
NAT is one to many, so you should try binat.
Logged
fbeye
Full Member
Posts: 126
Karma: 1
Re: Converting from Cisco FPR1010 to OPNSense.
«
Reply #22 on:
January 28, 2023, 05:51:02 pm »
Hello
I will give that a shot tonight.. For the STATIC WAN to LAN's.
Do I need to create a NAT for the 192.168.5.0? That would indeed be 1 to many, as that subnet would be using the WAN IP. By default clearly NAT goes to the 192.168.1.0 Subnet
on
the OPNSense because I could surf the web, but not through the 5.0 Subnet.
Logged
lilsense
Hero Member
Posts: 600
Karma: 19
Re: Converting from Cisco FPR1010 to OPNSense.
«
Reply #23 on:
January 29, 2023, 03:18:19 am »
for every VLAN that needs to go to the Internet then yes.
Logged
fbeye
Full Member
Posts: 126
Karma: 1
Re: Converting from Cisco FPR1010 to OPNSense.
«
Reply #24 on:
January 29, 2023, 05:31:20 pm »
Yeah I clearly am a no go on this. For whatever reason I can not get my INNER network to get on the net, and I did all we spoke of. This 192.168.5.0 is being generated/hosted on the SG500X and for some reason I can't get it to see the Internet.
I will give it a break for now.
Thank you.
Logged
Print
Pages:
1
[
2
]
« previous
next »
OPNsense Forum
»
Archive
»
22.7 Legacy Series
»
Converting from Cisco FPR1010 to OPNSense.