meta data for this page
  •  

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
sw:opnsense:issues [2020/09/11 08:49] niziaksw:opnsense:issues [2025/08/20 12:12] (current) niziak
Line 1: Line 1:
-====== ISSUES ======+====== OPNSense issues ====== 
 + 
 +===== WAN bandwidth limited ===== 
 + 
 +4 port ''Intel(R) PRO/1000 Network Connection'' 
 + 
 +  * last post in: [[https://forum.opnsense.org/index.php?topic=17277.0|[Help] troubleshooting high latency issues]] 
 +  * [[https://forum.opnsense.org/index.php?topic=39763.0|Bandwidth cut in half when traversing system but direct bandwidth test is fine]] 
 +  * [[]] 
 +https://forum.opnsense.org/index.php?topic=15019.0 
 + 
 +https://forum.opnsense.org/index.php?topic=9693.0 
 + 
 +[[https://forum.opnsense.org/index.php?topic=6590.0|Performance tuning for IPS maximum performance]]
  
  
Line 13: Line 26:
 ==== multiwan: when primary WAN fails, local connectivity stops ==== ==== multiwan: when primary WAN fails, local connectivity stops ====
 Primary WAN fails: Primary WAN fails:
- - Local (from OPNSense host) DNS doesn't work +  - Local (from OPNSense host) DNS doesn't work 
- - local connectivity also doesn't work ``No route to host`` +  - local connectivity also doesn't work ``No route to host`` 
- - internet for LAN users works (switched to WAN2) +  - internet for LAN users works (switched to WAN2) 
- - one LAN device cannot connect to 8.8.8.8 DNS server, because this request is still forwarded to WAN1+  - one LAN device cannot connect to 8.8.8.8 DNS server, because this request is still forwarded to WAN1
  
 SOLUTION ? SOLUTION ?
 +PROPOSALS: 
 +  - Allow DNS server list to be overridden by DHCP/PPP on WAN = CHECKED  <– uncheck this
 +
  
 ==== multiwan: port reflection not working ==== ==== multiwan: port reflection not working ====
Line 75: Line 91:
 Firewall --> Settings --> Advanced: Tick **Disable force gateway** (Outgoing packets from this firewall on an interface which has a gateway will normally use the specified gateway for that interface. When this option is set the route will be selected by the system routing table instead.) Firewall --> Settings --> Advanced: Tick **Disable force gateway** (Outgoing packets from this firewall on an interface which has a gateway will normally use the specified gateway for that interface. When this option is set the route will be selected by the system routing table instead.)
  
 +
 +====== cannot reach another VLAN from VPN ======
 +
 +Check for asymetric routing. Firewall cannot track one way packet flow so packets are blocke by default rule.
 +Solution is to add pass rule without connection tracking enabled (tracking ''none'').