Messages

Hi Franco,

I did, but cannot tell if it's working because:

• My alias resolution stopped working for some reason
• Every time i reboot, i also need to restart pf in order to get the DNS resolution working

I was investigating this until i saw your post, i'll remove the alias rule to test the VPN patch and get back with the results.

In the meantime, do you have any idea why pf is behaving like this? The alias issue also could be a problem from pf?

Thanks.

Yep, this did it, fixed.

P.S. The support here is incredible!  :)

Thank you!

Franco, switched to devel, upgraded to rc1  ;D
Just couldn't wait  ::)

But now.. OpenVPN server will not start:

Code Select Expand


Jan 12 20:46:02 openvpn[56490]: Use --help for more information.
Jan 12 20:46:02 openvpn[56490]: Options error: --verify-client-cert none|optional must be used with --management-client-auth, an --auth-user-pass-verify script, or plugin
Jan 12 20:46:02 openvpn[56490]: DEPRECATED OPTION: --client-cert-not-required, use --verify-client-cert instead

Also, on some machines wua seems to work, some partially work, some don't.
When i say it breaks wua, i mean "check for updates" is returning an error and no other results.

Temporarily disabling IDS/IPS immediately fixes the issue on all machines.

Found some logs in /var/log but it looks like a mirror of the GUI/Alerts..

One (or more) of the Suricata rules brakes Windows Updates, but I am unable to find which one since there are no "blocked" alerts in the GUI.

Is there some other way to find out?

Ok, thanks Franco  :)

Hi guys,

No upgrades to 18.1.r1 from the GUI, this I understood :)
But can i upgrade from the console?

Nothing seems to work, definitely, i'm not doing it right.
Can you please help me out?

Thank you!

Thanks guys!
I do have several APs, i just wanted to play around with OPNsense wifi capabilities and learn some new stuff :-)

Oh well, some other time :-)

Further reading about this i think FreeBSD is not the best for wifi :)

Works great, i just needed to create the fw rule.

Thank you!

Fooled me  :)

Found this: https://www.applianceshop.eu/security-appliances/19-rack-appliances/opnsense-based/opnsense-quad-core-gen3-10gb-ssd.html

... down the page:

Total Firewall Throughput   ~18000Mpbs
Maximum packets per second   ~1.500.000 PPS
Maximum Port to Port Throughput   ~9400Mbps
Maximum VPN Throughput   IPsec: ~470Mbps (AES256) OpenVPN: ~550Mbps (AES256) / ~640Mbps (AES256+LZO) all with single tunnel
Maximum Statetable   6.000.000
Maximum Concurrent Sessions   3.000.000

Is this what you are looking for?

I got this showing up in pciconf:

none4@pci0:6:0:0:       class=0x028000 card=0x10108086 chip=0x24fd8086 rev=0x78 hdr=0x00
    vendor     = 'Intel Corporation'
    device     = 'Wireless 8265 / 8275'
    class      = network

It is, of course, my wifi adapter of the https://www.gigabyte.com/Motherboard/Z370N-WIFI-rev-10 mb.

Is there any way to install it so I can create a guest network, preferably AC (but anything else should be fine in the end)?

Found these:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220229
https://lists.freebsd.org/pipermail/freebsd-current/2017-October/067155.html

Unfortunately, this is way over my head, I would need some help if possible.

Many thanks!

Think i got it:

Code Select Expand

opnsense-update -U

That's it?