Topic: Cannot allow traffic from LAN (Read 721 times)
dasuberadmin, on: January 08, 2024, 01:36:45 pm
I have the following setup:
OPNsense WAN: 84.xx.xx.xx
OPNsense LAN: 192.168.1.1/24 (dhcp enabled)
VPS1 LAN: 192.168.1.2 (dhcp)
VPS1 WAN: 37.xx.xx.xx (static IP, not connected to same network)
When I do a curl http://37.xx.xx.xx I see in the live logs that traffic on the LAN interface of OPNsense coming from the WAN interface of the VPS is being blocked. Immediately I don't understand why that traffic is hitting the OPNsense firewall at all since they should be separate networks, but alright...
The firewall rule that is triggered is the automatically generated default deny rule on that interface but I seem to be unable to create an exception for the traffic coming from the 37.xx.xx.xx interface.
When I go to my LAN rules I have added a rule for IPv4+6 which allows traffic from all IPs and ports to all IPs and ports but still this default rule (which is set to "last match") is blocking the connections.
When I look online I see that people generally recommend disabling automatic rule generation during interface setup time but I don't want to have to redo all the custom rules I've set up by removing the interface and re-adding it.
Where do I go from here?
[edit]
It's DNS. It's always DNS. Even when it isn't DNS, it's still DNS.
After a week of banging my head against the wall I noticed that /etc/resolv.conf only had an entry for 192.168.1.1 which was being blocked by OPNsense. I have modified the nameserver and everything started working immediately.
« Last Edit: January 08, 2024, 08:56:57 pm by dasuberadmin »
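A quick way to tell "the resolver is unreachable" apart from "HTTP is blocked" in a case like the one above, as an added example that is not part of the original post: it reads the nameserver entries from resolv.conf and sends each one a single DNS query over UDP. The function names, the constructed sample file and the `example.com` lookup name are assumptions.

```python
import socket
import struct

# Constructed sample mirroring the post: the only resolver is the firewall's LAN address.
SAMPLE_RESOLV_CONF = """\
# constructed sample, not taken from the original post
search example.internal
nameserver 192.168.1.1
options timeout:2
"""

def parse_nameservers(text):
    """Return the nameserver addresses from resolv.conf content, in file order."""
    servers = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;":      # comment lines start with '#' or ';'
            continue
        fields = line.split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    return servers

def build_query(name, txid=0x1234):
    """Build a minimal DNS query for the A record of `name` (RFC 1035 wire format)."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, one question
    qname = b"".join(bytes([len(p)]) + p.encode("ascii")
                     for p in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN

def probe(server, name="example.com", timeout=2.0):
    """Send one UDP query to server:53; return 'answered', 'timeout' or 'error: ...'."""
    family = socket.AF_INET6 if ":" in server else socket.AF_INET
    query = build_query(name)
    try:
        with socket.socket(family, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.sendto(query, (server, 53))
            reply, _ = s.recvfrom(512)
        return "answered" if reply[:2] == query[:2] else "error: mismatched reply"
    except socket.timeout:
        return "timeout"   # typical when a firewall silently drops port 53
    except OSError as exc:
        return f"error: {exc}"

if __name__ == "__main__":
    with open("/etc/resolv.conf") as fh:
        for ns in parse_nameservers(fh.read()):
            print(f"{ns}: {probe(ns)}")
```

A `timeout` for every listed nameserver while a direct connection to an IP address still works points at name resolution rather than at the HTTP traffic itself.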