SOLVED! WHAT am I missing?!? (Adding a subnet)

Started by dpshak, March 03, 2021, 03:56:46 PM

March 03, 2021, 03:56:46 PM Last Edit: March 04, 2021, 10:06:27 AM by dpshak
I have 21.1.2-amd64 in the ProtectLi minicomputer.

For about 1 year now I've been running OPNsense, with a single LAN, connected to my ISP (Comcast).  It worked just fine.  However, my homebuilt security system is NOT working how I anticipated (or wanted) so I decided to replace my homebuilt system with commercial, cloud-based hardware.  To accommodate the new hardware, I wanted to add a new LAN (subnet?) to my OPNsense router.

My goal was to isolate these new IoT devices (on the new LAN) from the hard-wired and WiFi desktops, laptops, and cell phones on my 'home' network.  To that end: I added em2, gave em2 a static address, and enabled em2.  After a LOT of fiddling around, I have managed to get hardware on em2 to communicate within the em2 LAN, but I have NO internet connectivity!

WHAT AM I MISSING?!? 
I checked all of the 'pre-configured' firewall rules for my WAN/Home networks, tried to copy/paste seemingly appropriate rules to my IoT network, but none of them worked!  I also tried adding rules from FAQs, that I found on the interwebz, for both pfSense and OPNsense, but none of THEM worked either...

Help?!?

You have to add allow rules to the firewall tab of your new interface. And have a look if outbound NAT added your new subnet.
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare

felix eichhorn's premium cat food with the extra portion of energy

A router is not a switch - A router is not a switch - A router is not a switch - A rou....

Yeah, probably missing outbound NAT rules for the new subnet like chemlud said.
2x 23.7 VMs & CARP, 4x 2.1GHz, 8GB
Cisco L3 switch, ESXi, VDS, vmxnet3
DoT, Chrony, HAProxy + NAXSI, Suricata
VPN: IPSec, OpenVPN, Wireguard
MultiWAN: Fiber 500/500Mbit dual stack + 4G failover

--
Available for private support.
Did my answer help you? Feel free to click [applaud] to the left

First of all, thanks for the responses!   :)

As to the cause of my troubles?
An FSCK'd patch cable!  :-[ :o >:(

I've been fighting with this thing for a week now!  >:( 
The IoT subnet port is connected to an 8 port unmanaged switch.  I put the switch in-line for any hardwired IoT devices I may acquire AND I'm using an old WRT54-G (running DD-WRT), that will be placed on the main floor of the house, to provide WiFi for my security devices.  The WRT54-G was used in my old security system (LOCAL access only) so I had to reset it for use with the new subnet.  That was a (relatively) easy fix.  Finally, after reading your responses, and trying everything I could think of, and failing...I plugged the laptop (wired connection, that I used to reset the WRT54-G) directly into the IoT subnet port and voilà!  Everything works as it should.

A few months ago, in preparation for this change, and to clean up my networking rats' nest, I bought a 10-pack of 3' CAT6 patch cables from Amazon.  This is the SECOND one that's been bad! >:(

Thanks again, folks! :)