FIrewall ruleset gateway point to gateway group, internet stop working

Started by foongws, October 23, 2018, 08:04:44 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
October 23, 2018, 08:04:44 AM
I just upgrade the opnsense to OPNsense 18.7.5_1-amd64 yesterday.
after upgrade , the gateway group stop working.
it work on previous version.

My OPNsense got multiple wan link and a few LAN interface.
Each LAN , i would like to use different WAN link and some would need load balance between WAN link.

So far everything work fine till i upgrade it yesterday.
Now all the rules , the gateway have to point to default , otherwise it wouldn't.

And the default gateway no longer work (system -> gateway -> single), I have multiple gateway and i configure one of the gateway as default gateway. But the firewall will always use the first configure gateway. I have to disable the first gateway , then only the second gateway will be using.

Please advice.
October 26, 2018, 11:29:43 AM #1 Last Edit: October 26, 2018, 11:45:14 AM by mailman451
I have a similar problem here.

We have 5 DSL lines connected via PPPoE (WAN and OPT1-OPT4), and local LAN IPs grouped with aliases. Via firewall rules these alias groups are assigned one of the 5 gateways. We do not use gateway groups.

After updating from 18.7.4 to 18.7.6, only one gateway will have internet access (which one is found out by trial and error) and I have to select this gateway in the firewall rules for all the alias groups. Here my observation is different from the OP: which gateway works seems to be random after each reboot.

All PPPoE interfaces are connected and have been assigned an external IP, and using 'ping' from each of the 5 PPPoE interfaces to the internet also works.

As all 5 lines are from the same provider, they have all been assigned with the exact same gateway IP by the provider. By manually selecting a different monitor IP for each gateway, the monitoring works and shows all gateways in the green.

Even when disabling the alias groups' rules and just using a default LAN rule for the local LAN, still only one specific gateway will work.

EDIT: going back to 18.7.4 with

Code Select
opnsense-revert -r 18.7.4 opnsense

and rebooting with the pre-update configuration, all is back to working normal.
October 26, 2018, 06:57:23 PM #2
Same as https://github.com/opnsense/core/issues/2835 maybe? We are currently trying to find more reports to try which commit is responsible.


Cheers,
Franco
Print
Go Up Pages1
User actions