Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Strange (Seemingly) Device Level Issue
« previous
next »
Print
Pages: [
1
]
Author
Topic: Strange (Seemingly) Device Level Issue (Read 771 times)
w1ldthing
Newbie
Posts: 4
Karma: 0
Strange (Seemingly) Device Level Issue
«
on:
January 22, 2024, 11:40:11 am »
Hi,
Opnsense install is installed and running fine, except since a clean restart / update (I think).
The weird thing that is now happening is that one particular subnet cannot talk to / ping x2 devices on a different subnet (PC to CAR BLACKVUE DASHCAM). Yet, the same subnet can talk to / ping any other device on all other subnets (not found a device I can't ping yet).
Any ideas where to begin looking or something obvious is at fault ?
This is my setup (which has worked without this issue in the past):
MODEM ----> OPNSENSE (WAN)
OPNSENSE (LAN) ----> 10.10.10.1 >---- 6.6.6.47 (CAN'T PING FROM 10.10.10.X)
>---- 6.6.6.48 (CAN PING FROM 10.10.10.X)
OPNSESNE (OPT1) ----> 1.1.1.1 >---- 6.6.6.47 (CAN PING FROM 1.1.1.X)
>---- 6.6.6.48 (CAN PING FROM 1.1.1.X)
OPNSENSE (OPT2 NO VLAN) ----> 6.6.6.1 >---- 6.6.6.47 (CAN PING FROM 6.6.6.X)
>---- 6.6.6.48 (CAN PING FROM 6.6.6.X)
OPNSENSE (OPT2 VLAN 51) ----> 7.7.7.1 >---- 6.6.6.47 (CAN PING FROM 7.7.7.X)
>---- 6.6.6.48 (CAN PING FROM 7.7.7.X)
1st Image shows:
Last Row - 10.x.x.x can't ping 6.6.6.47
Rows 1 to 3 - 10.x.x.x can ping other devices on 6.x.x.x and 1.x.x.x
Rows 4 to 6 - 1.x.x.x, 6.x.x.x & 7.x.x.x can ping 6.6.6.47 fine where 10.x.x.x can't
2nd Image shows similar also:
«
Last Edit: January 22, 2024, 12:44:06 pm by w1ldthing
»
Logged
cookiemonster
Hero Member
Posts: 1823
Karma: 95
Re: Strange (Seemingly) Device Level Issue
«
Reply #1 on:
January 22, 2024, 01:14:16 pm »
there's probably an allow rule missing on the network that can not go to the other. It would be helpful to show the current rules on it.
p.s. the interface ip addresses assigned are nice looking but not great choices and would cause some pain in the future. 1.1.1.1 for instance is Cloudflare and is a public ip. You should adhere to RFC1918 ips.
Logged
w1ldthing
Newbie
Posts: 4
Karma: 0
Re: Strange (Seemingly) Device Level Issue
«
Reply #2 on:
January 22, 2024, 01:40:14 pm »
Yeh, IPs is on the To-Do list as they are a hang-over from when they were first setup and to help keep things straight in my head 10 = 10GbE, 1 = 1GbE, 6 = Wifi6, 7 = Wifi6 Guest.
Attached are the firewall rules, mostly the auto generated ones on both the issue and non issue net.
The only difference being the 10 has the Anti-Lockout.
The two manual rules both net's have are 1 to redirect certain devices to the VPN and the other to allow traffic between the various net's.
Logged
w1ldthing
Newbie
Posts: 4
Karma: 0
Re: Strange (Seemingly) Device Level Issue
«
Reply #3 on:
January 22, 2024, 01:40:55 pm »
No Issues net rules
Logged
cookiemonster
Hero Member
Posts: 1823
Karma: 95
Re: Strange (Seemingly) Device Level Issue
«
Reply #4 on:
January 22, 2024, 02:50:07 pm »
apart from some at-first-glance seemingly duplicated rules, they seem should be fine for this.
Maybe the destination is not up or accepting. Or the ping "from" is not suitable. I would normally diagnose from a device on the network, not on the router first. If you get "no route to host" you know there is something to investigate.
Logged
w1ldthing
Newbie
Posts: 4
Karma: 0
Re: Strange (Seemingly) Device Level Issue
«
Reply #5 on:
January 22, 2024, 03:45:56 pm »
So…
A wifi device connecting to 6 & 7 net can ping 6.6.6.47 no problem.
A wired device on 1 net can ping 6.6.6.47 no problem.
Multiple wired devices on 10 net cannot ping 6.6.6.47 with DEVICE NOT FOUND.
Logged
cookiemonster
Hero Member
Posts: 1823
Karma: 95
Re: Strange (Seemingly) Device Level Issue
«
Reply #6 on:
January 22, 2024, 04:41:47 pm »
I would then enable temporarily logging of default rules and use the live view of the firewall, to see if it hits any rule.
Next is use of packet capture.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Strange (Seemingly) Device Level Issue