Author Topic: [Modified] No traffic from secondary local network to WAN (Read 2195 times)

StP · « **on:** April 14, 2020, 08:19:37 pm »

After the update to 20.1.4 I seeing some NAT problems.
This is on a Deciso DEC2630 or DEC2640 device.
I have two internal - physically seperated - networks. LAN on igb0 (172.16.30.1/16) and a new one called BBB on igb2 (172.31.30.1).
WAN is on igb1 with a fixed IP.
I have some NAT rules to 172.16.x.x which are all LAN clients. These still work.
And I have some rules to 172.31.0.2 which is a server in the BBB network. These do not work anymore after the update. The server itself is listening to all ports, I checked that from behind the firewall. Coming in over WAN I only get connection timeouts (10060).
I double ( and triple) checked my rules. They look good and unchanged.

Any changes in the last update that could cause this trouble?

Is there an easy way back to 20.1.3 to do some cross checks?

Regards, stay safe
Stefan

StP · « **Reply #1 on:** April 16, 2020, 04:18:22 pm »

Well what I found by adding a test machine into the BBB network is this:
The root of the problem is not inbound NAT.
It is a routing problem from BBB to WAN. No packets going that way.
The BBB related entries in System/Routes/Status look fine (Similar to the LAN entries).
I have a firewall rule in place for the BBB network that allows anything.

I have not done anything special regarding gateway configuration.
IPV4 Upstream Gateway is set to Auto-Detect.

Call me stupid, maybe I am.
But this did work before in 20.1.3.

Where should I look?

Stefan

mfedv · « **Reply #2 on:** April 16, 2020, 10:28:30 pm »

Quote from: StP on April 16, 2020, 04:18:22 pm

I have not done anything special regarding gateway configuration.
IPV4 Upstream Gateway is set to Auto-Detect.

not sure what auto-detect does, but can you try setting the gateway address instead?

in https://forum.opnsense.org/index.php?topic=13456.0 there was a similar problem, and setting the gateway address seems to have solved it.

StP · « **Reply #3 on:** April 17, 2020, 08:46:43 am »

Quote

not sure what auto-detect does, but can you try setting the gateway address instead?

in https://forum.opnsense.org/index.php?topic=13456.0 there was a similar problem, and setting the gateway address seems to have solved it.

The problem in the topic you mention seems a bit different from mine.

Well, according to the help available (Info button) I should not change this value for non-WAN interfaces.
Thanks anyways

Darkopnsense · « **Reply #4 on:** April 18, 2020, 05:45:17 am »

Hi @StP,

System => Settings => General-> Network
Check: prefer IPv4 to IPv6

Regards,

StP · « **Reply #5 on:** April 18, 2020, 10:30:09 am »

This setting is switched on.
So IPv4 is preferred.

Author Topic: [Modified] No traffic from secondary local network to WAN (Read 2195 times)

StP

[Modified] No traffic from secondary local network to WAN

StP

[Modified] No traffic from secondary local network to WAN

mfedv

Re: Update 20.1.3 to 20.1.4: NAT problems

StP

[Modified] No traffic from secondary local network to WAN

Darkopnsense

Re: [Modified] No traffic from secondary local network to WAN

StP

Re: [Modified] No traffic from secondary local network to WAN