OPNsense running on a rented VPS -> 1 WAN-Interface, multiple tun/tap-Interfaces

Started by mophi, August 27, 2018, 04:53:19 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
August 27, 2018, 04:53:19 PM
Hi Folks,

i accomplished to run OPNsense on a rented VPS (edis.at).

In my Setup i have one virtual Network-Adapter as WAN-Interface with a public IP-Adress and one tap-Device (OpenVPN) as LAN-Interface for persistent Tunnels (A Connection from Home-Network).

The Problem is, when I try to add a 3rd VPN-Interface (tun-Device from OpenVPN) by pushing the "+"-Button, the existend LAN-Interface changes its's Device rather than adding a 3rd Interface.

Does someone know that behaviour or maybe an workaround for this?

Kind regards,
Mophi
August 27, 2018, 07:04:42 PM #1
How about running the lan on a vlan with the wan as parent interface?

Bart...
August 28, 2018, 10:23:51 AM #2
Hello Bart,

Thanks for participating in my problem!

Since I use a VPS (based on KVM), I only have one virtual network adapter that is used as a WAN interface. I am not sure if this device supports VLANs. Also, I do not want to change too much on the WAN to prevent lockout situations.

Is there another way around this problem?

Best regards,
Mophi
August 28, 2018, 01:44:12 PM #3
The host doesn't have to support VLAN's. The objective is to create a fixed interface that the tunnel interfaces can connect to. If I understand you correctly, there are no other devices on your 'LAN' currently.

If you have access to the console through the VPS provider, you can revert any changes from option 13. No risk of lockout.

Bart...
August 29, 2018, 10:28:46 AM #4
Hello Bart,

I added some VLANs with WAN as parent and tried to mount them as interfaces. I could not add a 3rd interface!

When I press the "+" button, the assigned device changes from the LAN interface instead of adding a third one. This should be treated as a BUG!

Do you have another idea for a workaround?

Kind regards,
Mophi
August 29, 2018, 10:53:57 AM #5
HI,

same problem with Zerotier tun/tap.
I changed to dev 19.1 same problem :-(

Greetings Mario
August 29, 2018, 06:58:01 PM #6
Can you add just one VLAN as your LAN and add the other interfaces intrinsically through adding VPN servers?

Bart...
August 29, 2018, 09:48:47 PM #7
HI Bart,

opnsense runs on an Vserver with only one networkcard.
This is connect to wan. The Zerotunnels should run as virtual interfaces.

Greetings Mario
August 31, 2018, 07:55:52 AM #8
Hi Bart,

thank you for your help, but that doesn't work for me!

I did your recommendation, added a VLAN with WAN as parent and assigned it as LAN-Interface (with prevent from removal).

Afterwards i wanted to assign one tap-Device as "VPN"-Interface, but when i push "+" the Device of LAN-Interface changes from VLAN-Device to the tap-Device, instead of creating a new Interface with the tap, which i wanted to define with name "VPN".

Do you have any other ideas?
August 31, 2018, 08:39:12 AM #9
You don't need to add the interfaces - just add the VPN servers. They will create the interfaces for you.

Bart...
September 05, 2018, 05:09:18 PM #10
Hi,

no, they don't!

But it is possible to assign the Interfaces with the CLI. Thank you "Mann-IT" for the hint!

I'm convinced, this is still a BUG in the GUI!

Kind regards,
Mophi
Print
Go Up Pages1
User actions