Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
OPNSense in DMZ
« previous
next »
Print
Pages: [
1
]
Author
Topic: OPNSense in DMZ (Read 1427 times)
Jonttu
Newbie
Posts: 5
Karma: 0
OPNSense in DMZ
«
on:
February 04, 2023, 09:39:58 am »
Hi,
I have a situation where I had to change to 5G mobile broadband. So I have a ZTE modem from ISP and a service that enables me with public IP and should not have blocked ports. I also have a opnsense firewall behind that modem.
I am trying get my Wireguard VPN tunnel to work from internet to my local network. My initial setup was that I put the ZTE modem into bridge mode, this way opnsense got public IP and internet was working normally. But I can't get Wireguard to work at all. Basically there is no packets coming from my phone to opnsense so Wireguard handshake fails (timeouts). I also tried traceroute from internet to my public WAN IP and it never reaches opnsense, ICMP traceroute does and those packets are dropped by opnsense but TCP traceroute shows nothing after some ISP IP.
Only way I get Wireguard to work is to put the ISP ZTE modem into router mode and opnsense into DMZ. This way opnsense gets private IP from ZTE, internet works, Wireguard works and even TCP traceroute completes.
But what are the downsides of this setup? I would like opnsense to get public IP and have the ZTE in bridge but as the packets are lost somewhere, it does not seem to be possible. Are there going to be problems with my opnsense in some way as it has private IP? I did have unbound crashing at times but it seemed to help when I enabled " Allow DNS server list to be overridden by DHCP/PPP on WAN".
Logged
jezza007
Newbie
Posts: 17
Karma: 2
Re: OPNSense in DMZ
«
Reply #1 on:
December 02, 2023, 04:04:28 pm »
Did you get anywhere with this?
I just been suppplied a ZTE MC888 and cannot get bridge mode to work at all.
It keeps assigning 192.168.0.x to the opnsense wan port even though DHCP and wifi are disabled on the ZTE
Tried eveything I know, had a similar issue with a differenytt router in bridge mode before and a factory reset sorted it out, but tried that with the ZTE several times, sam eissue and not getting anywhere
thanks
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
OPNSense in DMZ