ping & DNS resolution work, but not able to update or even use curl to download

Started by Fowlerj, April 25, 2025, 05:23:21 PM

Previous topic - Next topic
Print
Go Down Pages 1 2
User actions
April 28, 2025, 04:58:04 PM #15
I already tested the modem tethering with two other devices, prior to reaching out.

I've compared the firmware and firewall settings with working units, replicated those, and even tried loading a config file from another unit - which failed as they are all different hardware.  That is why I've reached out here.

I even tried wiping and reinstalling twice before asking for help.

What could possibly allow DNS resolution and successful ICMP traffic, but then prevent OpnSense from being able to connect to update servers and even prevent a curl request from downloading a file?

Thank you.
April 28, 2025, 05:14:32 PM #16
All I can think of apart from checking why you need to override MTU is to do packet captures.
No experience with requirements of mobile carriers, sorry.
April 28, 2025, 09:28:42 PM #17
Quote from: Fowlerj on April 28, 2025, 04:58:04 PMI already tested the modem tethering with two other devices, prior to reaching out.
...

Is this specific unit working with any other OPN (or tested with other devices)?
If it's got different HW/FW, it may expose a different "version" of the ue device that works on other OPNs.
I have no clue what kind of drivers are used here and where they come from.
FreeBSD is not always up to date on that front...

ICMP & UDP working. No TCP?
April 29, 2025, 05:49:56 PM #18
Funny you should ask about ICMP & UDP vs TCP.  I had to jump into a Google Meet meeting and was able to successfully connect to and participate in the meeting across this OpnSense install & 5G modem setup.  I wouldn't have thought to test this way.  I also thought there would be some TCP used for the Google Meet.  Not only did the meeting work fine, even the automated close-captioning worked.

Another odd thing:
While I can successfully ping pkg.opnsense.org from an ssh into OpnSense, when I run the "Connectivity Audit" the ping the audit runs to pkg.opnsense.org fails (even when the ping from the shell is running successfully).

April 29, 2025, 06:28:25 PM #19
Quote from: Fowlerj on April 29, 2025, 05:49:56 PMAnother odd thing:
While I can successfully ping pkg.opnsense.org from an ssh into OpnSense, when I run the "Connectivity Audit" the ping the audit runs to pkg.opnsense.org fails (even when the ping from the shell is running successfully).

Do not trust that check - it uses a ping with a packet size to create a 1500 byte MTU packet, which will fail on some platforms.
Intel N100, 4* I226-V, 2* 82559, 16 GByte, 500 GByte NVME, ZTE F6005

1100 down / 800 up, Bufferbloat A+
April 29, 2025, 06:37:20 PM #20
Quote from: meyergru on April 29, 2025, 06:28:25 PM
Quote from: Fowlerj on April 29, 2025, 05:49:56 PMAnother odd thing:
While I can successfully ping pkg.opnsense.org from an ssh into OpnSense, when I run the "Connectivity Audit" the ping the audit runs to pkg.opnsense.org fails (even when the ping from the shell is running successfully).

Do not trust that check - it uses a ping with a packet size to create a 1500 byte MTU packet, which will fail on some platforms.

Very good to know.  Thank you.
April 30, 2025, 06:00:13 PM #21
So the issue is a modem setting.  For some reason when the modem is set to "Auto (4G LTE/5G)" vs "4G LTE" we get the very weird traffic issues documented.

There are no issues connecting and passing traffic via modem WiFi (in 5G mode).  However, the USB RNDIS doesn't work properly when the modem is in 5G mode.
Print
Go Up Pages 1 2
User actions