[SOLVED] DHCP-WAN=internet OK and STATIC-WAN=no internet

Started by gruutch1, July 30, 2016, 01:22:48 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
July 30, 2016, 01:22:48 PM Last Edit: August 01, 2016, 10:07:09 AM by franco
Hello!

Iam a newbie with OpnSense. My Firewall experience was as yet with Ipcop. It is a linux based firewall.

Today I installed OpnSense 16.7-amd64 with two network cards (WAN and LAN).

This is my test environment:
Provider (Fritzbox/Gateway) -------WAN-OpnSense-LAN--------CLIENTS

The IPs are:
Fritzbox  (Gateway)  = 192.168.1.1 (Static)
WAN OpnSense        = 192.168.1.11 (DHCP from Fritzbox)
LAN OpnSense          = 192.168.0.1 (Static)
Clients get IPs from DHCP-range 192.168.0.10 < 192.168.0.250

After this installation, I can go the internet. Perfect!
But if I change the WAN-OpnSense IP from DHCP to static (in 192.168.1.250), then I have no Internet.

I think I must entry the DNS and Gateway IP manually. But I see so many settings and I couldn´t find the settings for this two IPs. I was unsure and I tried something, but it didn´t worked.

Could you tell me please, where I type the rest settings exactly in OpnSense?


July 30, 2016, 01:50:49 PM #1
Some things to consider:

- the default gateway is at IPv4 upstream gateway on the WAN page. Test your connection independently from DNS by pinging 8.8.8.8.

- The Fritzbox needs to know where your internal LAN is. That means that you need to add a static route for 192.168.0.0/24 to go via your OPNsense WAN interface.

- The OPNsense WAN interface blocks private networks (RFC1918) by default.

- Inbound connections are firewalled twice; on the Fritzbox and on OPNsense.

- You may be able to set your Fritzbox in bridged mode and make the PPPoE connection from OPNsense.

Bart...
July 30, 2016, 10:49:23 PM #2
Hello Bartjsmit,

thank you for your answer.
But in my imagination it is illogical, why I should change my fritzbox static route and / or set to bridging-mode.
I say that, because back then I used the linux-firewall ipcop. And there I didin´t changed the fritzbox settings.
At ipcop I installed two networkcards too and setting up the same settings like in opnsense and it did worked.

gruuch
July 30, 2016, 11:29:15 PM #3
Hi gruutch,

I understood that you are talking about outgoing traffic, ie open Google with a browser.

So, for a static config you have to enter gateway and dns manually (booth the LAN IP of your Fritzbox). Have a look at the wizzard somewhere in the menus. I think this will lead you through the complete setup.

Hope this helps
Uwe
July 31, 2016, 10:23:33 AM #4
Hello wurmloch, hello bartjsmit

ok I started the wizard again. And suddenly it works.
I suppose, that my gateway settings, which I made yesterday was wrong.
But now it works.

Thanks to both of you for your help!

gruutch

Print
Go Up Pages1
User actions