Topic: WAN gateway on different network (Read 7265 times)
essdeeay
Newbie
Posts: 2
Karma: 1
WAN gateway on different network
«
on:
October 17, 2015, 11:41:40 am »
I've just started using a dedicated server from OVH with ESXi, with an additional IP address. The additional IP address is assigned by OVH, and they also give a MAC address, which I have to set on the virtual machine running OPNsense (all of which is fine). However, the gateway you have to use for this additional IP address *must* be the gateway of the network that the ESX host itself is sitting on. They explain it here:
http://help.ovh.co.uk/BridgeClient
OPNsense doesn't allow a gateway which is not on the WAN subnet, so to make it work I added the following routing commands in /usr/local/etc/rc, immediately before the 'exit 0' at the end.
Code:
route add -net 12.34.56.78 -iface vmx1
route add default 12.34.56.78
This now allows the OPNsense machine to access the Internet etc. However, a client on the LAN side of OPNsense cannot. Using tcpdump I can see the ping packets from the LAN client, hitting the WAN interface of OPNsense, but nothing after that.
Is there anything I can do to get this situation working?
Many thanks,
Steve
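The routing approach from the post above, as an added example that is not part of the original post: a shell helper that checks whether a gateway lies inside the WAN subnet and, if it does not, prints the interface route plus default route in the form the post uses. The function names, addresses and interface name are constructed for illustration.

```shell
#!/bin/sh
# Added example. Addresses and interface name are constructed sample values.

# ip_to_int A.B.C.D: print the IPv4 address as an integer; fail on bad input.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ''|*[!0-9]*|0?*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# in_subnet IP CIDR: 0 if IP is inside CIDR, 1 if outside, 2 on bad input.
in_subnet() {
    addr=$(ip_to_int "$1") || return 2
    net=$(ip_to_int "${2%/*}") || return 2
    bits=${2#*/}
    case $bits in ''|*[!0-9]*) return 2 ;; esac
    [ "$bits" -le 32 ] || return 2
    mask=0
    [ "$bits" -eq 0 ] || mask=$(( (4294967295 << (32 - $bits)) & 4294967295 ))
    [ $(( $addr & $mask )) -eq $(( $net & $mask )) ]
}

# plan_routes WAN_CIDR GATEWAY IFACE: print the route commands to run.
plan_routes() {
    rc=0
    in_subnet "$2" "$1" || rc=$?
    case $rc in
        0) # Gateway is on-link: a plain default route is enough.
           echo "route add default $2" ;;
        1) # Gateway is outside the WAN subnet: first make it reachable
           # through the interface, then point the default route at it.
           echo "route add -net $2 -iface $3"
           echo "route add default $2" ;;
        *) echo "invalid address input: $1 $2" >&2
           return 2 ;;
    esac
}

# Constructed sample: a /32 WAN address whose gateway is in another network.
plan_routes 198.51.100.10/32 203.0.113.254 vmx1
```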
lucifercipher
Jr. Member
Posts: 55
Karma: 9
Re: WAN gateway on different network
«
Reply #1 on:
October 20, 2015, 10:48:31 am »
Hello,
The easiest way to do and check it is to add a static route from the "System" tab. Then you can create a firewall rule for the Virtual IP created and test access from the outside through the OPNsense VMachine. Now, it happens that private networks are blocked, so you need to disable the "block private networks" option for testing purposes. Just a suggestion. I hope it helps.
essdeeay
Newbie
Posts: 2
Karma: 1
Re: WAN gateway on different network
«
Reply #2 on:
October 20, 2015, 12:53:42 pm »
Thanks for the reply lucifercipher,
I did try various static routes with no success. However, the easiest solution in the end was to set up a basic Debian/Ubuntu box (which does allow non-reachable gateways, but only post-installation) to act as a NAT point and blindly forward traffic both ways. Then attached to this is OPNsense as usual.