having bad issues ...

[defaultuserfoo]

Hi,

while trying to create a somewhat more complicated setup, I have found the following issues:


When trying to create a second WLAN interface with pppoe, it it not possible to assign an interface to the pppoe connection unless that connection is up.  The only way to bring the connection up is to disable and to re-enable the interface the connection is assigned to.  That requires you to log in via ssh and to figure out how to bring up the pppoe connection manually.  Is it supposed to be that way?


I'm trying to isolate some networks by using an interface group as described here: https://forum.opnsense.org/index.php?topic=28447.msg138309#msg138309

This does work in theory, but opnsense can't seem to figure out which rules to apply in which order.  I'm attaching screenshots of the firewall log and some of the rules on the group interface.  When I'm trying to connect to an XRDP server with remmina, I'm getting to the login screen and can't log in.   (ho_management is alias for 192.168.220.18)

Why does the rule that explictly allows me to connect not apply?  What is with the non-existing rule?

It seems as if "first match" doesn't apply here.

It gets worse when I change the rules a bit.  I'll make a comment to keep the screenshots sorted.

[defaultuserfoo]

Can someone please fix the ridiculous limit on attachments?

[defaultuserfoo]

...

[defaultuserfoo]

Ok now I changed the rules a bit, and I'm getting the following ...

[defaultuserfoo]

...

[defaultuserfoo]

Any ideas?

[defaultuserfoo]

After about a day I found it:


[root@enter ~]# ip route
default via 192.168.220.1 dev ens3 proto static metric 100
192.168.4.0/24 dev ens7 proto kernel scope link src 192.168.4.4 metric 101
192.168.220.0/24 dev ens3 proto kernel scope link src 192.168.220.4 metric 100
[root@enter ~]#


This was fine and intended as long there was no gateway on 192.168.4.0/24 --- but I forgot about that I did that some time ago ...

Now the next issue is IPsec VPNs not working ...