*RESOLVED* OPNsense VM - cannot ping ISP gateway

Started by tdubbed, March 20, 2024, 03:42:48 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
March 20, 2024, 03:42:48 PM Last Edit: March 20, 2024, 07:15:29 PM by tdubbed
Hello, I'm new here, and my networking chops are still being developed... please excuse my ineptitude. :)

I set up a Proxmox server for my home lab so I can practice configuring firewalls/switches. I have a VM of OPNsense configured, along with an Ububtu VM.

So I have two routers now. My ATT BGW320 and my OPNsense VM. The OPNsense VM is connected to the ATT BGW320, and it has a valid IP address.

My Ubuntu VM has internet, and I can ping my OPNSense VM. The OPNsense VM can also ping the Ubuntu VM.

1) My OPNsense VM cannot ping its own WAN interface (IP address from ATT BGW320) or my home's default gateway (ATT BGW320).

2) I am unable to ping the OPNsense WAN or LAN address, nor can I ping my Ubuntu VM, from devices on my home's LAN.

3) I have created a firewall rule and a static route, but I am missing something.

I want to be careful what information I share, so I'm leery to provide actual private IP addresses. If this is an unfounded fear, please let me know, and I will post more specifics. I am under the impression that I can share any of my private IP configurations with the public. Is this the case?

Thank you!
March 20, 2024, 03:59:00 PM #1
What are your OPNsense WAN and LAN address, respectively?
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
March 20, 2024, 04:08:18 PM #2
LAN (vtnet1) -> v4: 192.168.101.254/24
WAN (vtnet2) -> v4/DHCP4: 192.168.1.127/24
March 20, 2024, 04:38:01 PM #3
There's a "block private networks" setting on the WAN interface configuration screen. Remove that check mark.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
March 20, 2024, 05:10:03 PM #4 Last Edit: March 20, 2024, 06:04:46 PM by tdubbed
Okay, edit: I broke the Ubuntu VM somehow. I restored it from a snapshot, and now I have Internet.

I AM still able to reach the OPNsense VM through the Ubuntu guest with ping and through the web interface.

I CANNOT ping any host/the gateway on the 192.168.1.x network and vice versa.

Here's an image with some more information. Perhaps you can glean some more from this. I appreciate you!


March 20, 2024, 06:15:07 PM #5
Okay, I'm getting somewhere. I made a WAN firewall rule to allow ICMP. I can now ping the WAN side of my OPNsense VM (my internal ATT DHCP IP address).

Working on pinging the LAN interface...
March 20, 2024, 07:14:59 PM #6
OKAY! Not sure what I did... besides poke, break, restore, break, poke, restore... Anyway, I can ping in all directions!

Thanks for your help, Patrick, and for letting me document for my own benefit!

Until next time...  :) ;) :o 8)
Print
Go Up Pages1
User actions