Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
17.7 Legacy Series
»
Time to live exceeded
« previous
next »
Print
Pages: [
1
]
Author
Topic: Time to live exceeded (Read 8679 times)
cryptoparty
Newbie
Posts: 37
Karma: 0
Time to live exceeded
«
on:
August 29, 2017, 05:58:02 pm »
I got :
arm1 - Opnsense1 - gw - Opnsense2 - arm2
when i try ping from arm1 to arm2 i see messages about loss packets: Time to live exceeded
Logged
www.itsecforu.ru
cryptoparty
Newbie
Posts: 37
Karma: 0
Re: Time to live exceeded
«
Reply #1 on:
August 30, 2017, 11:01:58 am »
from arm2 i can ping Wan interface of Opnsense2 10.8.10.6/30, but cant ping 10.8.10.5/30 interface of gw.
Mb u know where should I check something?
Logged
www.itsecforu.ru
franco
Administrator
Hero Member
Posts: 17749
Karma: 1620
Re: Time to live exceeded
«
Reply #2 on:
August 30, 2017, 11:46:56 am »
Maybe you need to unblock private networks in your Interface: [WAN] configurations?
Cheers,
Franco
Logged
cryptoparty
Newbie
Posts: 37
Karma: 0
Re: Time to live exceeded
«
Reply #3 on:
August 30, 2017, 12:31:59 pm »
Unlocked privates and bogon networks and disabled all packet filtring
Logged
www.itsecforu.ru
cryptoparty
Newbie
Posts: 37
Karma: 0
Re: Time to live exceeded
«
Reply #4 on:
August 30, 2017, 01:24:08 pm »
Will it works, if I use opnsenses without Internet connection? I connect them through gw ( debian ):
and I use gw for WAN interfaces 192.168.2.150 and 10.8.10.5 ip-adresses respectively. Would it work correct ?
in file /etc/defaults/rc.conf :
gateway_enable = "NO"
Is it ok?
«
Last Edit: August 30, 2017, 03:31:50 pm by cryptoparty
»
Logged
www.itsecforu.ru
cryptoparty
Newbie
Posts: 37
Karma: 0
Re: Time to live exceeded
«
Reply #5 on:
August 31, 2017, 01:18:50 pm »
Now I fix it.
Problem was with ip address ob debian.
But now i got other one
I can ping remote opnsense's wan interface but cant ping lan ? any ideas how to tune it?
Logged
www.itsecforu.ru
cryptoparty
Newbie
Posts: 37
Karma: 0
Re: Time to live exceeded
«
Reply #6 on:
September 04, 2017, 09:47:52 am »
Need I surely make Firewall Rules Site A & Site B for using Ipsec , or I can disable all packet filtering?
Logged
www.itsecforu.ru
cryptoparty
Newbie
Posts: 37
Karma: 0
Re: Time to live exceeded
«
Reply #7 on:
September 04, 2017, 12:57:15 pm »
I mean: Do I need to make Firewall rules how u show it in tutorial or I can disable it and Ipsec will work?
«
Last Edit: September 04, 2017, 04:40:17 pm by cryptoparty
»
Logged
www.itsecforu.ru
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
17.7 Legacy Series
»
Time to live exceeded