Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Access non-DHCP client from different subnet/interface
« previous
next »
Print
Pages: [
1
]
Author
Topic: Access non-DHCP client from different subnet/interface (Read 1337 times)
Flecto
Newbie
Posts: 4
Karma: 0
Access non-DHCP client from different subnet/interface
«
on:
August 25, 2020, 04:51:09 pm »
I just recently switch from pfSense to OPNsense and I'm having some issues with accessing clients connected to a different interface. Here's the situation (this is simplified):
LAN: subnet 192.168.1.0/24, DHCP provided by OPNsense
OPT2: subnet 192.168.150.0/24, DHCP provided by OPNsense (address pool 192.168.150.200 - 192.168.150.254)
I have a simple WiFi access point connected via ethernet to OPT2. Unfortunately, it does not have a DHCP client, so I have to manually set its IP to 192.168.150.100. The WiFi works and WiFi clients get an IP from OPNsense in the range 192.168.150.200 - 192.168.150.254.
I can ping WiFi clients from LAN (for example, I can ping 192.168.150.200 from LAN), but I cannot ping the access point itself (with the manually configured IP) from LAN, i.e. I cannot ping 192.168.150.100 from LAN (I can, however, ping it from the OPT2 interface of OPNsense, so OPNsense can ping 192.168.150.100 from 192.168.150.1 but not from 192.168.1.1).
So basically that means I cannot configure the AP from any computer in my LAN.
Is this expected behavior or did I mess something up? I was playing with setting a manual gateway (192.168.150.1) and then manual route using that gateway to 192.168.150.100, but I ended up getting an infinite loop (traceroute just got stuck on 192.168.150.1).
One last note:
sudo nping --icmp --dest-mac <MAC of OPNsense OPT2 interface> 192.168.150.100
DOES work. So that leads me to believe that this is a routing issue and not a firewall issue (obviously, I'm not passing traffic from OPT2 to LAN, but LAN can access anything).
Logged
Flecto
Newbie
Posts: 4
Karma: 0
Re: Access non-DHCP client from different subnet/interface
«
Reply #1 on:
August 26, 2020, 05:52:57 am »
I need to correct myself:
nping
does NOT work (I didn't carefully look at the output). So is it possible that the firewall blocks the returning ping packages?
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Access non-DHCP client from different subnet/interface