"
Thx
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
#331
19.1 Legacy Series / Re: opnsense-update -kr 18.7.7 update on dev not working?
November 09, 2018, 09:31:53 AM #332
18.7 Legacy Series / For one App or program - explicitly use the host DNS server?
November 09, 2018, 08:20:23 AM
Is there a way for a particular app or program to explicitly use the host DNS server of my ISP and for all other programs the DNS servers (General / Settings / System) specified by me?
thx
regards rené
thx
regards rené
#333
19.1 Legacy Series / opnsense-update -kr 18.7.7 update on dev not working?
November 09, 2018, 08:09:28 AM
using
opnsense-update -kr 18.7.6 is the current version ?
Code Select
opnsense-update -kr 18.7.7 failed ?opnsense-update -kr 18.7.6 is the current version ?
#334
Web Proxy Filtering and Caching / Re: Squid - SSLBump Windowsupdate
October 22, 2018, 04:10:20 PMQuote from: fabian on October 21, 2018, 09:09:18 PM
This means one of their servers has an invalid certificate (incorrect hostname, not in valid time range, untrusted CA etc.). It is usually not an error at your side.
Would be great if opnsense would have a solution as pfsense too.
I assume that I'm not the only one who uses windows clients.
According to squid wiki this should work here, only the options are missing in opnsense:
https://wiki.squid-cache.org/ConfigExamples/Caching/WindowsUpdates
Unfortunately, I know that this works for pfsense. Its only possible in opnsense by editing the config files only manuel. But I prefer to keep my fingers off.
#335
Web Proxy Filtering and Caching / Re: Squid - SSLBump Windowsupdate
October 22, 2018, 01:38:04 PM
Thx for your Information.
Regards,
Rene
Regards,
Rene
#336
Web Proxy Filtering and Caching / Re: Squid - SSLBump Windowsupdate
October 21, 2018, 01:32:15 PM
so sometimes it works and sometimes not. usually not. why it sometimes works is not clear to me.
most time proxy gets these errors:
cache:
access:
Anyone knows how to fix this?
most time proxy gets these errors:
cache:
Code Select
routines:ssl3_get_server_certificate:certificate verify failed (1/-1/0)access:
Code Select
TAG_NONE/503 4283 POST https://fe3.delivery.mp.microsoft.com/ClientWebService/client.asmx - HIER_NONE/- text/htmlAnyone knows how to fix this?
#337
Web Proxy Filtering and Caching / Re: Squid - SSLBump Windowsupdate
October 21, 2018, 09:12:36 AM
Strange, right in the moment I dropped my posting it worked. I will post my solution here then if I know what exactly where and must register and what domains now really work.
I use squid transparent with certificat.
I use squid transparent with certificat.
#338
Web Proxy Filtering and Caching / Re: Squid - SSLBump Windowsupdate
October 21, 2018, 09:06:34 AM
have already tried everything but under windows 10, the updates are not recorded. get exactly the same error message.
does anyone know this or can implement such a feature in opnsense?
Code Select
kid1| Error negotiating SSL on FD 36: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed (1/-1/0)does anyone know this or can implement such a feature in opnsense?
#339
General Discussion / Re: dropbox as client networkdrive is blocked on transparent proxy
October 20, 2018, 09:20:57 PM
I misspelled the entry in the "no ssl bump" section. I wrote ".dropbox" and forgot ".com".
After I have corrected this, everything now works as it should.
:-)
After I have corrected this, everything now works as it should.
:-)
#340
General Discussion / dropbox as client networkdrive is blocked on transparent proxy
October 20, 2018, 04:00:25 PM
hope someone can help me or just give me a good advise!
i use transparent squid proxy with cert for https and http.
i have a problem using dropbox as a networkdrive for uploading and syncing!
1. i opened up ports 17500, 17600 and 17603!
https://www.dropbox.com/en/help/desktop-web/configuring-firewall
2. i made a no rdr rule for traffic the goes directly to dropbox.com and http://dropbox.com by alias!
i even pinged the url to get the ip´s and and entered them to alias list too.
3. i added the ip of dropbox.com to "unrestricted ip adresses" under access control list.
4. i added "*.dropbox.com, .dropbox.com " to the whitelist.
5. i added ".dropbox.com" to the no ssl bump sites.
but i only get my networkdrive working for uploading and syncing by completely disable the nat rules for transparent proxy. "No RDR" doesn´t work and i found no solution in the forum.
Entering the dropbox by browser works but networkdrive can´t establishe any connection.
Firewall log says nothing!
can someone help me find the problem ?
regards
rené
i use transparent squid proxy with cert for https and http.
i have a problem using dropbox as a networkdrive for uploading and syncing!
1. i opened up ports 17500, 17600 and 17603!
https://www.dropbox.com/en/help/desktop-web/configuring-firewall
2. i made a no rdr rule for traffic the goes directly to dropbox.com and http://dropbox.com by alias!
i even pinged the url to get the ip´s and and entered them to alias list too.
3. i added the ip of dropbox.com to "unrestricted ip adresses" under access control list.
4. i added "*.dropbox.com, .dropbox.com " to the whitelist.
5. i added ".dropbox.com" to the no ssl bump sites.
but i only get my networkdrive working for uploading and syncing by completely disable the nat rules for transparent proxy. "No RDR" doesn´t work and i found no solution in the forum.
Entering the dropbox by browser works but networkdrive can´t establishe any connection.
Firewall log says nothing!
can someone help me find the problem ?
regards
rené
#342
Documentation and Translation / Re: Confusing Documentation for Newbies
October 17, 2018, 06:23:29 AMQuote from: ricsip on October 16, 2018, 02:10:52 PM
I do understand jokes, its just that I dont like them :)
Ok, to be serious: (possibly) the core team are wasting a lot of their precious time if the frequently asked questions are answered every single time in this forum. Instead of getting the same answer (as it has already been typed into the database in the past), copy-paste it to a relevant place on the wiki. Instant win! No need to type it twice, forum is not inflated unnecessarily, and wiki pages are progressing at least into some form of completion.
That was not meant as a joke.
Unfortunately, there are a lot of members who offer good solutions, but then prefer to let others do it.
Counting, unfortunately, only does what is implemented.
#343
Documentation and Translation / Re: Confusing Documentation for Newbies
October 15, 2018, 08:17:43 PMQuote from: ricsip on October 15, 2018, 01:38:26 PM
I think thats what I am going to do. After I learned how Github basics works.
The only thing worries me, why nobody from the thousands of community member has already added these simple parts? Is your approval system, that makes people give up the effort to make docs better?
Since I feel that you would enjoy it, I think that from now on you will be the chosen person who can make a documentary about the best free firewall.
By doing so, you would make the entire community very happy and relieve many developers.
#344
Documentation and Translation / Re: Confusing Documentation for Newbies
October 15, 2018, 08:14:37 PM
:-)
#345
General Discussion / Does anyone know why the hostnames aren´t shown in the arp table?
October 15, 2018, 02:59:58 PM
see my screenshot
