Topic: Issues routing over OpenVPN/VLAN coming through LAN (Read 1055 times)
wiresandenergy
Newbie, Posts: 1, Karma: 0
Issues routing over OpenVPN/VLAN coming through LAN
« on: June 07, 2021, 05:15:45 pm »
Hi all,
I recently migrated from pfSense to OPNsense due to frustrations with the latest version of pfSense jacking up policy-based routing. I use policy-based routing to send a segment of my network over a VPN (Private Internet Access). What I was seeing on pfSense after upgrading to the latest version was that, for whatever reason, if the OpenVPN client went down and came back up, I would need to either flush the firewall states or disable/enable a rule for routing to work again. Suffice it to say I was frustrated enough to try OPNsense. So far I have my network up and running, but I am running into separate issues with OpenVPN.
The problem is as follows, and I’m really hoping someone can help me out here:
I have a VLAN (PIA_NET) set up to go over the VPN. This, for the most part, works as intended, except on a machine that has two NICs. One port is plugged into one network, the other into the VPN network.
Outbound NAT:
https://imgur.com/hFlWIpr
PIA_NET Configuration:
https://imgur.com/a/FhpiGR1
The machine in question's NICs are as follows:
https://imgur.com/a/RcLu19K
I am able to curl --interface ifconfig.co on either NIC and pull from the appropriate source. enp6s0f0 pulls from my WAN and shows the appropriate IP. enp6s0f1 shows the IP assigned to me by the VPN.
However, if I attempt to run a test download through qbittorrent using the enp6s0f1 interface, my firewall logs are spammed with the below. Traffic is being blocked. The destination is this test tool (http://ipmagnet.services.cbcdn.com/?hash=4e9c11bb47ca0837e547534dfe8f49b72bc74b3d)
https://imgur.com/a/MvjqqDY
I have already tried changing the state tracking on the rule that pushes this machine over the VPN to "None" per some suggestions I read here.
Rule Config:
https://imgur.com/a/XlezEuw
https://imgur.com/a/hgcba2e
This seems to have no impact. At this point I am out of ideas and have no idea what I am doing incorrectly.
I have also noticed that if I disable the LAN (enp6s0f0) interface on the machine in question, things work as expected. That said, I need both interfaces live on that machine.
Here's a screenshot of the machine in question's routing table:
https://imgur.com/a/iORrGKG
Adding the below rule to my LAN interface seems to have resolved the issue and I'm confused as to why.
https://imgur.com/a/4PdLsbL
PIA_NET and LAN are separate interfaces. I don't expect traffic to go through LAN and then to PIA_NET...I expect it to go directly to and from PIA_NET as I have it configured.
Have I configured something incorrectly in the interface setup? This seems very different from pfSense....which is fine, I just want to know why.
Interface screenshots:
https://imgur.com/a/bUnLOTp
https://imgur.com/a/AiTTHM6
VLAN Screenshot:
https://imgur.com/a/3L13eC1
Thanks!