[Solved] Static route with OPNsense results in intermittent RDP sessions

Started by Giant850, April 14, 2021, 01:44:45 AM

I have an exceptionally weird issue with my new OPNsense setup that did not happen with my EdgeRouter 12. I've set up OPNsense with a drop-in config that mimics what my ER12 was doing in terms of routing, which is configured for a single static route into a lab network.

Problem: When using Microsoft RDP from the 10.13.2.x/24 network into my 172.16.0.0/12 network, the RDP session freezes every 15-30 seconds and the RDP client has to constantly reconnect. Basically makes RDP totally unusable.

Config: I set a gateway up in OPNsense for 10.13.2.10, which is the IP of my Mikrotik router that routes into the 172.16.0.0/12 network, where all my lab gear resides. I then set up a route in OPNsense for 172.16.0.0/12 and picked the gateway I configured. Except for the Microsoft RDP issue, the routing seems to be working. I also set up firewall rules to allow the 172.16.0.0/12 network internet access.

Here's a network diagram:

https://imgur.com/a/kSRi31G

When the RDP freezing started happening, through several hours of troubleshooting I narrowed down the issue to OPNsense. If I pull the LAN/WAN cables on my OPNsense firewall and plug them back into the ER12, the RDP freezing ceases to occur. I then swap the ER12 with OPNsense and the freezing immediately starts happening.

I'm at a loss as to what this could be. I could understand if it was totally broken, or worked 100% of the time. But the freezing RDP session is quite odd.

Any ideas? If I can't solve this issue then I'll have to go back to my EdgeRouter 12, as accessing my lab network is business critical.

I found this reddit thread from six years ago regarding the same issue with pfSense.
https://www.reddit.com/r/PFSENSE/comments/27zs4t/internal_routing_annoying_disconnects_after_30/

I timed my disconnects, and they too are exactly 30 seconds like the OP on reddit. Unfortunately the reddit thread didn't have a solution.

Any ideas?

I found this thread about OPNsense and a 30 second LAN to LAN timeout:
https://forum.opnsense.org/index.php?topic=19332.0

Complaints but no solutions...any ideas on a real fix?

I found the solution here:
https://forum.opnsense.org/index.php?topic=16994.0

Basically I had to go into Firewall:Settings:Advanced and check the box:
Bypass firewall rules for traffic on the same interface

Then I rebooted the firewall, and now RDP sessions are stable.