Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
24.7 Production Series
»
3rd Interface Not Working as Expected
« previous
next »
Print
Pages: [
1
]
Author
Topic: 3rd Interface Not Working as Expected (Read 224 times)
Pfirepfox
Newbie
Posts: 37
Karma: 2
3rd Interface Not Working as Expected
«
on:
September 29, 2024, 01:49:50 pm »
Hi All,
I have been using OPNSense for ages in a pretty basic manner with just two interfaces being assigned (WAN & LAN) and a handful of services to up the security (Unbound, IPS, GeoBlocking, and some ACLs), with everything working great. However, recently I added a few security cameras to my house and for security wanted to place this on a new physical interface of my OPNSense device rather than it being a VLAN (My device has 4 ports so it seemed better to just create a new interface rather than mess around with VLANs).
The new interface and network has been assigned and it is a direct replica of my LAN, just with a different subnet. I configured some basic rules such as the below:
No WAN traffic on camera network
Camera network to camera network allow all (For the NVR + NAS)
Camera network to LAN allow all (So the cameras and NVR are accessible by other devices)
LAN to Camera network allow all (as per above)
NAT is default with nothing special in it.
This is where it gets a bit weird, everything works as expected for around 12 to 24 hours but then everything on the Camera network becomes unavailable with no apparent reason (to me anyway). I have changed the down stream switch (just for the Camera Network), all ethernet cables, and also tried the 4th port on my OPNSense device, however, the issue persists.
I have also looked at IPS, local DHCP, Firewall rules, and Unbound but havent found any logs which may indicate something is incorrect, as on boot everything works correctly. Restarting the network devices brings everything backup without an issue.
At this stage i have exhausted what i can think of, does anyone else have an idea of what it could be?
Logged
Pfirepfox
Newbie
Posts: 37
Karma: 2
Re: 3rd Interface Not Working as Expected
«
Reply #1 on:
September 30, 2024, 02:25:00 pm »
I have been investigating further and still cannot find an issue with my configuration. I have essentially followed the Setup Guest Guide here:
https://docs.opnsense.org/manual/how-tos/guestnet.html#step-1-configure-interface
, but rather than block rules added allow rules.
I can see the appropraite firewall rule is being hit on the LAN side but no response from the camera network, I'm really not sure what is going on here as everything works initially and then drops after a period of time. I think it is something to do with DHCP as whenever it drops i dont see an active lease for the camera network (192.168.51.1/24)
«
Last Edit: September 30, 2024, 02:28:16 pm by Pfirepfox
»
Logged
Pfirepfox
Newbie
Posts: 37
Karma: 2
Re: 3rd Interface Not Working as Expected
«
Reply #2 on:
Today
at 12:20:47 pm »
I have narrowed this down to the DHCP service, as i migrated the entire setup under my standard LAN network and it also dropped after 12 -24 hours even though all other devices on the LAN network remained unaffected. When i checked on the status no DHCP lease was active for the security cameras and NCR even though i configured them as static entries.
Can anyone think of why DHCP for certain devices is not working while other devices on the same network are? The only common denominator is the PoE switch which powers the devices, however, i have already replaced it once before. It is the same type though so i wonder if this type has an issue, or maybe the batch? But that seems unlikely...
Logged
cookiemonster
Hero Member
Posts: 1688
Karma: 90
Re: 3rd Interface Not Working as Expected
«
Reply #3 on:
Today
at 03:00:14 pm »
Camera network to camera network allow all (For the NVR + NAS)
This rule isn't needed right? Devices on the same network talk to each other via the switch without going through the firewall.
But not the reason for what's happening.
Switch on some power-saving setting that makes the interface go down according to OPN, maybe?
Anything in dmesg ?
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
24.7 Production Series
»
3rd Interface Not Working as Expected