Nested opnSense only allows ICMP traffic

Started by scoobey, February 14, 2024, 06:35:01 PM

February 14, 2024, 06:35:01 PM Last Edit: February 14, 2024, 08:12:16 PM by scoobey
I have the following setup and am trying to get full routing and DNS between opnSense2 networks and the networks on opnSense1.

I have full connectivity between MGTNET and InternetSW networks.
I have full connectivity between LabNet and TestNet.
I have copied the default allow all IPv4 rule to each interface.
I have disabled Bogons and RFC1918 on all interfaces.
I have disabled IPv6 on all interfaces.
Networks on opnSense1 and opnSense2 both have full Internet access.
All networks have a domain name of xxxx.local.

On opnSense1 MGTNET and InternetSW interfaces I had to enable "Dynamic gateway policy" which allows ICMP (IP Address only) traffic from the opnSense2 networks to opnSense1 networks. DNS lookups from LabNet are not successful to the MgtNet or InternetSW. DNS lookups from LabNet to the Internet work correctly.