New to Opnsense; 100% Packet loss

Started by Selectbq, May 18, 2022, 12:54:04 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
May 18, 2022, 12:54:04 AM
Hey all, we've just setup OPNsense today but are struggling massively with the firewall.

Overview:

We are running a VMWare network on subnet 192.168.25.0/24


Gateway is 192.168.25.2
Opnsense is on 192.168.25.131 configured to use the gateway above
Other machines are on 192.168.25.125 to 192.168.25.130

Issue being: Other machines cannot connect to squid or DNS if the source and destination is set to LAN nor can opsense connect to the gateway (no packets go through, even if ICMP is allowed)


Log:



But the rules explicitly allow LAN connections



Setting all rules to ANY works however opnsense itself does not have any connection to the gateway cannot ping the gateway nor any other ip address

What am I doing wrong?
May 18, 2022, 01:02:48 AM #1
I should also mention that "Block private networks" and "Block bogon networks" are turned off
May 18, 2022, 11:57:04 AM #2
I think asymetric routing is your problem.

Clients send the packets to your OPNsense and OPNsense to the Gateway.
But the answer packets are going from the Gateway directly to the Client, but the Client isn't listening for that.

Search for asymetric routing, there are many threads about it
(Unoffial Community) OPNsense Telegram Group: https://t.me/joinchat/0o9JuLUXRFpiNmJk

PM for paid support
Print
Go Up Pages1
User actions