OPN Sense as Edge Router can't SNMP from LAN to Internet

Started by MrLee, March 20, 2024, 04:38:19 PM

My apologies if this was answered anywhere, but I couldn't find my specific issue.

I'm attempting to install OPNsense as an edge router between 2 public IP address spaces (like an ISP router).
There are a few firewalls on the LAN side of the OPNSense.

I'm using OPNsense to block access to my "LAN" devices from known bad IP lists (TOR/CI Army, etc.).

I'm using floating rules and it is working fine in this manner.

I have a few devices that I monitor on the internet via SNMP, and I cannot reach them.

Is it possibly a default rule blocking SNMP out to the internet, and is there a way to override this?
Or maybe it's double NAT?

Quote from: MrLee on March 20, 2024, 04:38:19 PM
is it possibly a default rule blocking SNMP out to the internet
No.
Quote from: MrLee on March 20, 2024, 04:38:19 PM
or maybe it's double NAT
If you use OPNsense as a data centre firewall with only public addresses you should disable NAT entirely, IMHO.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)

Will the block rules still work?

That's my main reason for switching from the router I had.

Quote from: MrLee on March 20, 2024, 05:36:22 PM
will the block rules still work?

Block rules and allow rules work entirely independently of NAT, like in any decent firewall.

I will try during off hours tonight.

Thanks for the advice.