Mutli-wan with dual-lan does not work

Started by Yourry, September 15, 2021, 08:46:10 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 15, 2021, 08:46:10 PM
Hello everyone,
I have some difficulties with OPNSense on a multi-wan and dual-lan architecture.
Here is a diagram of the network (obviously I'm as good with paint as OPNSense  ;D):



My LAN network works perfectly, on the contrary LAN_Test not.
I have no internet connection from LAN_Test, and even a simple ping request does not work from a PC on the LAN_Test network to 1.1.1.1 for example.
However, I can clearly see the request in the firewall logs. And this request comes out well:





If I try to ping from LAN_Test to another opnsense, I can see the imcp request arriving on the target opnsense.
I have the impression that it is at the "return" that there is a problem with routing.

Here are my NAT rules:



Outbound:



If you have advice or an idea, I am interested. Thank you
September 15, 2021, 09:54:29 PM #1
I would start by checking your configured gateway(s).
https://docs.opnsense.org/manual/gateways.html
September 15, 2021, 10:20:55 PM #2
Thank you for the answer.
From the gateways, everything seems OK to me. LAN_Test is using my GW_MULTI_WAN gateway well.

Here is the config of the singles gateway :


Groups:


For the dual-wan which works well on the LAN, I followed the official tutorial:

https://docs.opnsense.org/manual/how-tos/multiwan.html
September 16, 2021, 12:05:09 PM #3
that's exactly what I was going to suggest to check/follow.
I don't have a multi-wan setup at the moment to check things. I'm sure someone will peep with suggestions.
September 16, 2021, 12:12:13 PM #4
192.167... is not a valid RFC1918 subnet
September 16, 2021, 06:32:31 PM #5
Thank you for your answers.
I hadn't paid attention to staying within the RFC1918 standard.
So I changed the addresses to 192.167.0 .. to 192.168.120 with the hope that it works but no ..
I haven't seen anything from LAN_Test despite the firewall logs which seem to be working:



On the other hand, if I do a ping test from OPNsense from the LAN_Test interface, everything is fine:

Code Select
# /sbin/ping -S '192.168.120.1' -c '3' '1.1.1.1'
PING 1.1.1.1 (1.1.1.1) from 192.168.120.1: 56 data bytes
64 bytes from 1.1.1.1: icmp_seq=0 ttl=55 time=31.780 ms
64 bytes from 1.1.1.1: icmp_seq=1 ttl=55 time=34.224 ms
64 bytes from 1.1.1.1: icmp_seq=2 ttl=55 time=34.950 ms

--- 1.1.1.1 ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 31.780/33.651/34.950/1.356 ms

With this problem I'm going crazy.
Print
Go Up Pages1
User actions