Traffic not passing through from distant subnet to WAN

Started by sidney_v, February 11, 2019, 11:28:06 AM

February 11, 2019, 11:28:06 AM Last Edit: February 13, 2019, 11:23:06 PM by sidney_v
Hello,

On my OPNsense (18.1.9-amd64 and upgraded to 18.7), I tried to connect a subnet to my LAN but something went wrong: LAN resources are available but no internet connection. I need some outside help to point out any errors I might have missed.

My config:

  Remote PC            Router                  Router            OPNsense
10.143.20.200/22---lan---10.143.20.254/22---mpls---192.168.0.2/30---lan---192.168.0.1/30    (MPLSFOLINKT ETH)
   10.143.7.254/22   (LAN ETH)
   77.158.229.106/30 (WANFOSFR ETH, member of a group)


What I've done:

  • System: Gateways: Single >> Add "GWMPLS" 192.168.0.2 (Default and Far Gateway unchecked, appears "online")
  • System: Routes: Configuration >> Network : 10.143.20.0/22 - Gateway : GWMPLS - 192.168.0.2
  • Interfaces: [MPLSFOLINKT] >> Create new interface, Block private and bogon networks unchecked, IPv4 Upstream Gateway : None
  • Firewall: Aliases: View >> Create a network "ReseauxDistants" including 10.143.20.0/22 & 192.168.0.0/30
  • Firewall: Rules: MPLSFOLINKT >>
Proto  Source           Port  Destination      Port  Gateway  Schedule  Description
IPv4   ReseauxDistants  *     *                *     *        *         Allow traffic from VPN MPLS sites distants
IPv4   *                *     ReseauxDistants  *     *        *         Allow traffic to VPN MPLS sites distants

  • Firewall: Settings: Advanced >> Checked Static route filtering : Bypass firewall rules for traffic on the same interface

With this configuration:
Pinging and accessing the internet from the 192.168.0.2 router is successful, to both LAN and internet
From the remote machine (10.143.20.200) I can ping and access LAN resources but no ping or access to the internet


Verification:

  • System: Routes: Status
Proto  Destination     Gateway      Flags  Use  MTU   Netif  Netif (name)
ipv4   10.143.20.0/22  192.168.0.2  UGS    238  1500  em5    MPLSFOLINKT

  • Firewall: Log Files: Live View: everything seems to pass

I've triple-checked my config and any help would be appreciated,

Thanks in advance :-)

Hi,

Just to let you know that it was an Outbound NAT issue and I just created a hybrid one; everything works well.

Bye
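To make the resolution above concrete, here is an added example (not code from the thread or from OPNsense) that models the outbound NAT selection the poster ran into: automatic rules are built only from the directly connected interface networks, so a static-routed subnet such as 10.143.20.0/22 leaves the WAN untranslated until a manual (Hybrid) rule covers it. Interface names and addresses are taken from the thread; the rule-generation and first-match logic are a simplification of pf's behaviour, assumed here for illustration.

```python
# Added example: simplified model of OPNsense outbound NAT (automatic vs. hybrid).
# Matching is first-match, as in pf; rule generation is a simplification that
# mirrors what the thread observed (routed subnets are not covered automatically).
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class NatRule:
    interface: str      # egress interface the rule applies to
    source: str         # source network matched by the rule (CIDR)
    translate_to: str   # address the source is rewritten to (WAN address)


def automatic_rules(interfaces: dict, wan: str) -> list:
    """Automatic mode (modelled): one rule per directly connected internal
    network, translating to the WAN address. Static routes are not consulted."""
    wan_addr = interfaces[wan].split("/")[0]
    return [NatRule(wan, str(ipaddress.ip_interface(cidr).network), wan_addr)
            for name, cidr in interfaces.items() if name != wan]


def select_nat(rules: list, src_ip: str, out_iface: str) -> Optional[str]:
    """Return the translated source for a packet, or None if no rule matches
    (the packet would leave with its private source address and be dropped upstream)."""
    ip = ipaddress.ip_address(src_ip)
    for rule in rules:
        if rule.interface == out_iface and ip in ipaddress.ip_network(rule.source):
            return rule.translate_to
    return None


# Constructed from the thread's topology (interface address/prefix).
INTERFACES = {
    "WANFOSFR": "77.158.229.106/30",
    "LAN": "10.143.7.254/22",
    "MPLSFOLINKT": "192.168.0.1/30",
}
AUTO = automatic_rules(INTERFACES, "WANFOSFR")
# Hybrid mode: the automatic rules stay, plus a manual rule for the routed subnet.
HYBRID = [NatRule("WANFOSFR", "10.143.20.0/22", "77.158.229.106")] + AUTO


def explain(rules: list, src_ip: str, out_iface: str = "WANFOSFR") -> str:
    nat = select_nat(rules, src_ip, out_iface)
    return f"{src_ip} -> {nat}" if nat else f"{src_ip} leaves {out_iface} untranslated"


if __name__ == "__main__":
    for src in ("10.143.7.10", "192.168.0.2", "10.143.20.200"):
        print("auto:  ", explain(AUTO, src))
        print("hybrid:", explain(HYBRID, src))
```

Running it shows the symptom from the first post (LAN and the 192.168.0.2 router get translated, 10.143.20.200 does not) and why the manual rule fixes it.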