Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
High availability
»
Backup can not ping any host inside the network
« previous
next »
Print
Pages: [
1
]
Author
Topic: Backup can not ping any host inside the network (Read 662 times)
mrk45k
Jr. Member
Posts: 53
Karma: 2
Backup can not ping any host inside the network
«
on:
July 06, 2024, 09:37:50 pm »
Hello,
i have problems to reach any host inside my network.
HA is working, switch over and reverse is working. Both are possible to ping each other at the pfsync interface.
Both can reach the modem and the internet. But The master can ping all hosts inside the network.
Thebackup can not! Doesn't matter wich appliance is master.
It was working several weeks ago. I know that because a allready added the NUT service for an upsserver.
For that i took data from an other host.
I changed my firewall appliances (restored a working backup) and made also the last update of opnsense.
I do not know since the behavior now is present.
my opnsense versions are:
OPNsense 24.1.9_4-amd64
FreeBSD 13.2-RELEASE-p11
OpenSSL 3.0.14
I captured both firewalls. The request and replys are at both firewalls present, but no response at the console.
I also detect no blocks. Any one an idea of that behavior?
Edit.: The backup node can not reach any kind of server inside the network. Not only Ping (icmp).
«
Last Edit: July 06, 2024, 10:07:13 pm by mrk45k
»
Logged
mrk45k
Jr. Member
Posts: 53
Karma: 2
Re: Backup can not ping any host inside the network
«
Reply #1 on:
July 07, 2024, 07:55:46 pm »
I guess, i got/solve it.
The reason was (is still exiting at some vlans) that the Outbound NAT rules were not correct. I do not know why that works previously with the old appliances and/or older opnsense versions.
I restored only the backups of the old appliances.
I think i will boot the old ones and will check if there is a difference to the new ones, now.
Reason:
The Interface IP was changed to the virtual one. You can see uploaded screenshot. But reverse the NAT directing to (i guess) the master interface address. Bug or maybe the problem takes place also there ->
https://redmine.pfsense.org/issues/14026
idk yet.
If i set the outbound nat as follows:
if source and destination is in same net then use the NAT address of the interface addr
..then it is working, except reaching of the virtual or master interface address. But i can reach hosts inside the network.
«
Last Edit: July 07, 2024, 08:29:13 pm by mrk45k
»
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
High availability
»
Backup can not ping any host inside the network