Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
22.1 Legacy Series
»
Multiple OPNSenses on one modem
« previous
next »
Print
Pages: [
1
]
Author
Topic: Multiple OPNSenses on one modem (Read 2439 times)
freddykromer
Newbie
Posts: 8
Karma: 1
Multiple OPNSenses on one modem
«
on:
April 26, 2022, 10:19:11 am »
We added four public IPs to our connection. Before that we just had one.
We wanted to build a separated network on one of the new public IPs with it's own opnsense. So we connected an other OPNSense to the modem. Now we have 2 OPNSense on the same modem, each with its own public IP.
Everything works fine but we can't reach the OPNsenses from each other, as well as we can't reach any of the OPNSenses from any other device, directly connected to the modem.
In both firewall logs you can see that the request is received and allowed, but websites and pings are not reachable. We tried to solve this for days now and we don´t have any idea what could be the problem...
Can someone please help us with this?
Logged
chemlud
Hero Member
Posts: 2485
Karma: 112
Re: Multiple OPNSenses on one modem
«
Reply #1 on:
April 26, 2022, 10:49:42 am »
VPN connection from one sense to the other?
Logged
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare
felix eichhorns premium katzenfutter mit der extraportion energie
A router is not a switch - A router is not a switch - A router is not a switch - A rou....
haljimmy
Newbie
Posts: 1
Karma: 0
Re: Multiple OPNSenses on one modem
«
Reply #2 on:
April 26, 2022, 12:00:11 pm »
Access from WAN is disabled by default,
Have you added needed firewall rules? Routes? Did you try to disable the "block bogon and private networks" on the interfaces?
When trying to access them from the modem are you using a separate public ip on the computer or a private ip?
We need some more information what you have tried so far
Logged
freddykromer
Newbie
Posts: 8
Karma: 1
Re: Multiple OPNSenses on one modem
«
Reply #3 on:
April 26, 2022, 02:12:35 pm »
@chemlud Maybe I didn´t explain the issue well enough... I can`t even reach the other router by ping, so how could I establish a VPN-connection?
Logged
freddykromer
Newbie
Posts: 8
Karma: 1
Re: Multiple OPNSenses on one modem
«
Reply #4 on:
April 26, 2022, 02:17:55 pm »
@haljimmy Yes of course we added the rules. We can access the to routers from every destination, except from devices on the same modem.
We already tried to disable the block rules you mentioned, even though that wouldn`t make sense either, cause if that would be the problem, then the firewall would log the blocked packages.
When trying to access the opnsenses from each other, we use a public IP, cause they both have public IPs. Any other device we connected has also a public IP.
Logged
chemlud
Hero Member
Posts: 2485
Karma: 112
Re: Multiple OPNSenses on one modem
«
Reply #5 on:
April 26, 2022, 02:18:20 pm »
if your router would reply to ping on WAN without further measures, I would consider it to be unsafe. I havn't tried different public IPs over one modem, but in principle two senses connected to the internet with public IPs should be able to reach each other for a VPN tunnel...
Logged
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare
felix eichhorns premium katzenfutter mit der extraportion energie
A router is not a switch - A router is not a switch - A router is not a switch - A rou....
freddykromer
Newbie
Posts: 8
Karma: 1
Re: Multiple OPNSenses on one modem
«
Reply #6 on:
April 26, 2022, 02:23:41 pm »
Maybe it makes sense to do an other explanation of the problem.
I can connect to the webservers on the networks from any destination.
When I go out from a Network to the other one on the same modem then the request is like that:
Network 1 (example1.com) tries to reach Network 2 (example2.com) --> So from the router the IP from Network 2 is send to the Gateway on the modem, and that should route it to Network 1. And it seems like it does, cause the traffic is visible on both firewall logs. But actually you cant reach the websites, or ping the other router.
Logged
freddykromer
Newbie
Posts: 8
Karma: 1
Re: Multiple OPNSenses on one modem
«
Reply #7 on:
April 26, 2022, 02:26:32 pm »
@chemlud we added the ping-rules on both OPNsenses. So we can ping the OPNsenses from an other network, but not from networks on the same modem
Logged
chemlud
Hero Member
Posts: 2485
Karma: 112
Re: Multiple OPNSenses on one modem
«
Reply #8 on:
April 26, 2022, 03:08:08 pm »
What kind of modem is that? maybe there is a private IP for the communication of modem and sense and that's the problem, as traffic between senses is never leaving the modem (or only to the next router upstream at your provider)
Logged
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare
felix eichhorns premium katzenfutter mit der extraportion energie
A router is not a switch - A router is not a switch - A router is not a switch - A rou....
freddykromer
Newbie
Posts: 8
Karma: 1
Re: Multiple OPNSenses on one modem
«
Reply #9 on:
April 26, 2022, 03:56:56 pm »
The modem is a Hitron CGNV4. I don´t think the modem is the problem here, cause we have an other router (Lancom) on one of the public IPs which we can ping from both of the opnsenses.
Logged
freddykromer
Newbie
Posts: 8
Karma: 1
Re: Multiple OPNSenses on one modem
«
Reply #10 on:
April 26, 2022, 05:10:04 pm »
Solved it by adding a static route on the wan gateway to the modem-gateway. I don`t understand it completely, but anyways...
Logged
muchacha_grande
Full Member
Posts: 219
Karma: 19
Re: Multiple OPNSenses on one modem
«
Reply #11 on:
April 27, 2022, 04:54:31 am »
Hi @freddykromer, can you explain in more detail how did you solved it?
Thank you
Logged
freddykromer
Newbie
Posts: 8
Karma: 1
Re: Multiple OPNSenses on one modem
«
Reply #12 on:
April 27, 2022, 12:43:51 pm »
I added a static route:
Network-Address: the public IP from the other opnsense
Gateway: Wan Gateway (The Gateway from the modem)
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
22.1 Legacy Series
»
Multiple OPNSenses on one modem