Hello everyone,
Thanks to all for the help for the last argmnt. I have an other problem.
I managed to enter on opnsense on firefox in kali linux, and I logged in; then I started to prepare it to run well modifying the options and so on...
then My pc shut down for low battery ( I know... wtf ) and Once I re start the pc, and now begin the problem: Kali linux Is connected to internet ( I ping my IP and everything goes well , if i ping 8.8.8.8 or 8.8.4.4 it doesnt run....AAAAAND firefox shows that problem:
Hmm. We're having trouble finding that site.
We can't connect to the server at www.google.com.
If that address is correct, here are three other things you can try:
Try again later.
Check your network connection.
If you are connected but behind a firewall, check that Firefox has permission to access the Web.
please can anyone help me ? Sorry im new over here and on opnsense Im following the LS111 laboratory on youtube ( pretty good but I stuck in this problem :/ )
Thanks to everyone !
If you are running OpnSense virtually on the machine that shutdown for low battery, you have to check the Unbound DNS settings and DNS servers used by your firewall.
When you change settings on opnsense, it isn't enough that you save the changes, you also have to apply changes (which appears to top corner of each main page) or those changes are lost after every time your machine or virtual machine client restarts itself
and where i can reach the dns settings ? :-X :-X :-X i still have problems...
Could you draw a diagram of the network you set up in Virtualbox?
What is the reason you are trying to access OPNsense from another virtual machine? Can't you just use the desktop system that runs Virtualbox to access the OPNsense VM?
Kind regards,
Patrick
dear Patrick
Im following a Laboratory about OPNsense on vm and im following step by steps what to do...
Now the pages on firefox in kali linux cannot load...
if i ping my ip address 192.168.1.60 everything goes well but if i ping 8.8.8.8 nothing works..
I need to use firefox on kali linux but Im stuck in this problem...i cannot load pages...
Without giving us a detailed diagram of all networked systems involved and all relevant IP addresses and configurations, how should we be able to help you?
* Are your Kali VM and the OPNsense VM connected via a host-only network?
* Is this host-only network configured as LAN in OPNsense?
* Is the DHCP server active in OPNsense?
* Is Kali Linux configured to use DHCP in that host-only network?
* Does Kali Linux get an IP address in the correct network segment?
* Does Kali Linux receive the correct default gateway (IP-Address of your OPNsense)?
* Does the OPNsense VM itself have a correct default gateway and IP address in the NAT network?
* Can the OPNsense VM ping e.g. 8.8.8.8
Nobody here has got a crystal ball. You need to find answers to all of these questions and that alone will probably lead you to the solution.
Besides, have you asked the author of that laboratory why their instructions don't work for you?
dear patrick im sorry. U right but im new in that process I've always worked in other...
so i will try to explain something..
- Kali VM and the OPNsense VM connected are connected via internal net ( intnet)
- I configured lan in Opnsense
- I do not know if the DHCP server active is active on OPNsense and I do not know how to see.
- Yes Kali Linux receive the correct default gateway
- Im able to ping 192.168.1.60 which is IP opnsense , Im able to ping 192.168.1.65 IP kali but im not able to ping 8.8.8.8 or / 4.4. " network unreachble"
The lab is online and registered im not in contact with the author.. but i will try to do it..
Aaa first I need to ask.
Is there a router or a modem in your house or place where you are hosting your opnsense?
Difference (physical that is) between the two is, that router connect to internet either wirelessly or has ethernet port assigned for "WAN" or "INTERNET", modem connects to internet using coaxial cable (looks like old TV cable) or serial cable (which can look like ethernet, but is actually RJ-45 serial cable, way you are able to tell the difference, is to count the pins on RJ-47 which is ethernet cable, or just by plugging it on the port, if it's serial there's no internet)
If you are using router, then either put your router to AP mode (most wireless routers have that) which will disable it's DHCP, NAT and Firewall, or unplug the cable from WAN and connect it to Opnsense machines WAN port.
If it is modem, then you need to see, how to configure opnsense, which is connected to a modem.
Downside of OpnSense is, that it only works out of the box with default settings when you can connect it directly to the internet using ethernet cable (A.K.A. somwhere in your house, there's an ethernet socket on the wall and you just need to connect opnsense to that, with ethernet cable.)
Let's break it to steps to find out what is going on.
On Kali, open terminal and ping google.com.
If you manage to ping google.com, this means your connection is working, so check which IP it connects to, that tells if your PC is connecting to IPv4 or IPv6.
Pinging is bit misunderstood, you might be unable to ping certain IPs because firewall is blocking that among other reasons.
Traceroute tells you, if routes are correct or not. Not being able to ping 8.8.8.8 is not a sign of any issue other than not being able to ping it, not being able to traceroute implies, there's a routing issue.
Vilhonator I thought he was trying to run a virtualised Kali behind a virtualised OPNsense with the latter using the local network of the VirtualBox host as its uplink.
Then again he might not. Without a network diagram and a description what is actually to ve accomplished, we cannot tell.
Quote from: pmhausen on January 09, 2023, 05:46:17 PM
Vilhonator I thought he was trying to run a virtualised Kali behind a virtualised OPNsense with the latter using the local network of the VirtualBox host as its uplink.
Then again he might not. Without a network diagram and a description what is actually to ve accomplished, we cannot tell.
It seems the machines are all connected to either modem or router, since all are receiving local IPs, so issue is most likely with routing or having "Block private networks" enabled on WAN or something other, very tiny detail and easy to miss
"It seems the machines are all connected to either modem or router, since all are receiving local IPs, so issue is most likely with routing or having "Block private networks" enabled on WAN or something other, very tiny detail and easy to miss"
Dear VIlhonator YES ! ! ! u are in... u just understood the problem... all the vm are connected I have a router.
Kali and Opnsense are connected with the same Subnetmask but different Ip obv...
maybe i have to insert manually a gw?
Im not able to ping google.com But im able to ping the IP of OPNsense and the Ip of Kali.
when i insert the command routes that's the result:
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
I guess maybe i have to insert a gw ? but i tried to and nothing changed.
THANKS FOR YOUR PRECIOUS HELP ! !
i dont know if it can help but once i opened opnsense log in on kali , the author of this lab show how to modify some stuff :
from the section interfaces-->settings--> HARDWARE CRC : I disabled hardware checksum offload; HARDWARE TSO: disabled hardware tcp segmentation offload; HARDWARE LRO: disabled hardware large receive offload.
then in the services that opnsense shows I enable: the intrusion and detection systm, the ips mode , the promiscuous mode, the syslog alerts.
That's all. Then the pc shut down because of the low battery i didnt realized ... and now im not able to load the internet pages on firefox ( from Kali linux..)
:o :o :o :o :o :o :o :o :o :o :o :o :o :o :o :o
Perhaps it would help if you described your desired setup a bit more.
An OPNsense VM and a Kali Linux VM both connected through your host's networking - what do you want to do with these?
Do you intend to "protect" the Kali Linux VM with the OPNsense VM? Or what else?
Kind regards,
Patrick
The trace route result tells you have wrong route, so nothing on opnsese that isn't related to to either route, firewall or NAT won't help.
Here's a longshot, try bridging all both lan and WAN on opnsese, that might help, but I would ask help from someone who knows how to connect opnsense to a router or modem.
thanks so much Vilhonator...i will try...
Dear Patrick, actually Im following a laboratory and im not sure why to use opn sense I need kali linux...
If i can , i will post the link with the video maybe it can help ?
But i don't want to bother ! i will try your suggestions..
Just keep in mind that you might have to revert settings on Opnsense without accessing webgui or ssh.
Bridging ports temporarily disconnect all network activity on the ports, so you won't be able to connect to opnsense remotely using web gui or ssh, if bridging doesn't work.
Also you don't need to make any videos to describe your configuration, just open paint (or drawing program) and draw out the layout of your things (see image, that's my network layout)
Network topology is a description or drawing of network devices and clients at your home
As you can see from image, inside my apartments fuse box, there is a ethernet port which has 2 cables, 1 going all the way down to switchboard of my apartment block that connects to internet and 1 that goes under the floor or behind the ceiling to ethernet socket in my living room.
From living rooms ethernet, I have ethernet cable connected to WAN port of my Opnsense, and from opnsense LAN port, I have ethernet cable going to my switch.
Lastly from one of the ports of my switch, I have ethernet cable connected to my computer.
That means my Opnsense isn't behind any firewalls, modems or routers, so in other words it is directly connected to Internet and receives public IP address.
There is a way to get things working without being able to connect your opnsense firewall directly to internet, but that is something I would recommend avoiding, since it's in the area of either routing, 1:1 Nat or being able to disable NAT, DHCP and firewall of your router or modem, last option rarely being an option, unless you own enterprise level router or modem
Quote from: Vilhonator on January 10, 2023, 08:22:13 AM
Bridging ports temporarily disconnect all network activity on the ports, so you won't be able to connect to opnsense remotely using web gui or ssh, if bridging doesn't work.
He's running a virtualized OPNSense in VirtualBox ...
I resolved by installing vmware and works from there :/ it seems i had problems with oracle...
We told you about the networking limitations of VirtualBox. You still did not say what you want to achieve at all? Just curious. ;)