OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • English Forums »
  • General Discussion »
  • Management through Opt1 slow
« previous next »
  • Print
Pages: [1]

Author Topic: Management through Opt1 slow  (Read 1312 times)

dcp_ky

  • Newbie
  • *
  • Posts: 2
  • Karma: 0
    • View Profile
Management through Opt1 slow
« on: November 10, 2021, 02:47:24 pm »
1st post here; I'm trying to setup the following to replace a m0n0 deployed over 10 years ago.


LAN      IP:      10.10.10.10/24
em0      Gateway:   10.10.10.1
      VLAN 10 Staff / VLAN 20 Guests

OPT1   IP:      192.168.1.10/24
em2      Gateway:   192.168.1.1
      VLAN 99 Management


I want to be able to manage the OpnSense instance (https, forward syslogs, smtp, ssh, etc) from the OPT1 interface.  I want to block all traffic entirely from computers on the LAN (downstream is WLAN).  No management from LAN side.

I haven't fully disabled the LAN management yet.  In my present config, I can get to the management IP using 10.10.10.10 or 192.168.1.10 right now.  I haven't disabled the LAN side management because it's incredibly slow to manage on the OPT1 side.  Ping seems fine, SSH as well, but HTTP times out constantly.  Clicking through each page takes 2 - 3 minutes.

On the LAN side it's snappy.  Using PC connected through an out-of-band switch.

I think this is routes or gateway related.  On the OPT1 side I'm seeing pings TTL=62 where I should be seeing ping TTL=64.

I'd be appreciative if anybody could point me to an article, FAQ or provide any advice on getting this working properly.

Many Thanks!

Logged

Patrick M. Hausen

  • Hero Member
  • *****
  • Posts: 6745
  • Karma: 568
    • View Profile
Re: Management through Opt1 slow
« Reply #1 on: November 10, 2021, 02:53:38 pm »
You should probably have only one gateway.
Logged
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)

dcp_ky

  • Newbie
  • *
  • Posts: 2
  • Karma: 0
    • View Profile
Re: Management through Opt1 slow
« Reply #2 on: November 10, 2021, 04:08:56 pm »
This seems plausible.  Going to System > Gateways > Single, I see 2 gateways.  OPT1_GW (Active) and WAN_DHCP6 (Active). 

WAN was set w/ DHCPv6 which is now "Not Set" for v4 & v6 (I'll need to set some kind of IP when I get my WAN online)  Setting it offline removed the WAN_DHCP6 GW.  There was no DHCP server upstream from WAN anyway, it's not even plugged in.

On the OPT1 side, If I set IPv4 address manually, I'm forced to pick a IPv4 Upstream Gateway as "AutoDetect".  Once this happens, the GW is created and can't be deleted.  Helper text states that Upstream Gateway isn't necessary for LAN but what if I also don't want/need an upstream GW for OPT1?

As a workaround, I'm setting my OPT1 IP via static DHCP reservation on an upstream DHCP server, option 3 left blank so it's receiving GW as 0.0.0.0.


LAN is still fast while OPT1 is still slow.  Ping TTL=63 now on the OPT1 side.
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • English Forums »
  • General Discussion »
  • Management through Opt1 slow
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2