Messages

I am having 40 VOIP phone running behind OPNsense everything is working fine.
your issue is related to hardware if I am not mistaken.
what is your hardware configuration ? CPU ? Memory ? SSD?...

Thanks for your time.
Glad you don't have problem.
I didn't too when I was having M0N0 where only 4 firewall rules where there, the same of OPNSENSE.

CPU is XEON
RAM is 2GB
HDD is SDD 64GB
Ethernet is dual gigabit Intel pro
Actually it's a  Poweredge Dell Server

Don't tell me isn't enough  just for ONE voip.

Hi.
First of all thanks !

I have done these before post my thread message.

See in attachment.
To be sure, I haven't limited the SOURCE IP to my VOIP TRUNK provider (to avoid unpleasant surprise of my lines to be used by others) so it was for test open to ANY SOURCE.

No way. It automatically drop after 30 seconds.
I'm testing just ONE SIP phone (alcatel Temporis Ip200) but it happen with other 2 SIP phone (grand stream GXP2020) etc.

Now.... don't misunderstand me here.
When I was using M0N0wall, I have just the same setup as above.
No QoS nothing else.
Indeed M0n0 was just handling ADSL connection (PPPoE) and internal VOIP phone.
I remember I did setup the m0n0 and I did as same as for OPNsense.

I googled a lot and it seems the problems is with FIREWALL configuration (nothing to do with FIREWALL NAT/rules).

And about the log.... I don't see anything strange on the NORMAL view or DYNAMIC view FIREWALL log.
Unless you may guide me on how to read it (again as I said yesterday I'm in learning phase).

Appreciate your help.
If somebody can rescue me.
Thanks in advance
P.

Hi

I have a OPNsense firewall running smoothly.

I have add a VOIP phone inside the office connected to a local VOIP trunk provider.
I can make call and I can receive call.
But the problem is that ANY call (IN/OUT) is dropping automatically after 30seconds.

I googled and found that it may be problem on the firewall.
I'm not so IT expert so I don't know where I should put my hands to correct it.

Is there anybody with same situation can guide me ?
Appreciate and thanks in advance for your time and help

P.

YOU ARE MY HERO !!!!

THANK YOU THANK YOU THANK YOU!

I changed the LAN IP of the Vodafone router to 192.168.2.1 (instead of 192.168.0.1) and it worked.

Thank you so much.
I'm newbie but if is there anything I can help you, I will be here.

Paolo

What is the subnet you are connecting from?

Once the tunnel is up, can you ping the OPNsense firewall LAN interface on 192.168.0.0/24?

Bart...

I forgot to reply to this.
Yes, when I'm in 4G+TUNNEL connected, I can ping it the FIREWALL.
See screenshots.
But I can't connect to any of the internal DEVICE and I can only PING the FIREWALL

Thanks a lot for your prompt reply.

I knew that setting up the tunnel subnet same as LAN (192.168.0.0) wasn't going to work, but I just gave it a try.

Here are the 3 screeshosts :
- LAN
- 4G
- 4G + Tunnel

First of all, thanks for your time.
Second, sorry if I didn't provide any further information about it, but to avoid fill up the message with some not useful information I did prefer to leave them out and provide when required.

Hope can help:

1) Firewall has 2 ethernet card : LAN and WAN
2) WAN is PPPoE ADSL with userid/password
3) Firewall act as DHCP server on the LAN
4) LAN IP : 192.168.0.x / 24 (255.255.255.0)
5) WAN IP is static : 188.--.--.--
6) NAS on the LAN has fixed IP : 192.168.0.11
7) ASTERISK on LAN has fixed IP : 192.168.0.6
8) AFICIO RICOH NETWORK PRINTER IP : 192.168.0.8
9) PCs etc has dynamic IP on the LAN : 192.168.0.x (with X starting from .100)
10) In the VPN server parameters I setup :
- TUNNEL NETWORK : 192.168.1.0/24
- LOCAL NETWORK : 192.168.0.0/24
- INTER CLIENT COMMUNICATION : Allowed
- Everything else as per the link I have provided.

Now, when I connect my laptop to the LAN (DHCP) I got address 192.168.0.102 (for example), I can ping and connect all devices including printer/nas/ etc.
From OPNSENSE firewall I can ping all devices including my laptop

I disconnect from the LAN.
To be sure I log off and re-login (it's MacBookPro / OSX MAVERICKS)
I switch ON the WIFI.
I swtch ON my 4G ROUTER (LTE)
I got a local address: 192.168.1.100
I'm now connected on 4G VODAFONE network separately.

I switch ON VISCOSITY client.
I have previously imported the configuration file I exported from OPNSENSE (OPENVPN client export).
I connect successfully to OPNSENSE server VPN.
I got IP 192.168.1.100
But I can't connect to no one device: neither I can ping them.
When, for example,  I try to login at NAS admin page (192.168.0.11:5000 it's a SYNOLOGY), I can see in the window of the VISCOSITY client, peaks as generated traffic, but page failed to load after a while.

I have repeated all the operations of OPEN VPN set for 4/5 times.
Each time I carefully deleted all the certicaite, users, etc. reboot the firewall to be sure that (although no need it) any config wasn't loaded.

I tried also to do it following youtube videos (PFSENSE OPENVPN) but same result: connect, get IP 192.168.1.100 but no surf internal devices, no PING at all.

I tried one last thing:
10) In the VPN server parameters I changed setup to:
- TUNNEL NETWORK : 192.168.0.0/24
- LOCAL NETWORK : 192.168.0.0/24
both same as my LAN.

I got a strange IP when I connect with VISCOSITY : 192.168.0.33 (out of DHCP range and very unusual).
But again I can't ping, neither I can't surf.

Thanks for help.
Sorry if I have given informations not required.
If anything missing, please let me know I will try to provide although I'm a newbie.
(Previously using M0n0.ch since 2007 but never VPN before).

P.

I can connect using Viscosity but I can't surf any internal devices (NAS, printer, etc)

First of all the LAN has 192.168.0.x/24 while when I'm connected I get 10.0.0.6 because this is what I used as suggested in the how to on this link : https://www.kirkg.us/posts/building-an-openvpn-server-with-opnsense/

I repeated 3 times the how to, step by step but I can't surf internal clients.
I have double checked the Firewall NAT/Rules automatic rules was ticked.

I'm stuck.
Thanks for helping.
P.

Hi.

OpenVPN is giving me headache.

As per post of teces I'm not able to export .ovpn certificate.

In the VPN/OPENVPN/CLIENT EXPORT page there isn't any client list (see attachment).

I did follow this guide : https://www.kirkg.us/posts/building-an-openvpn-server-with-opnsense/

But Can't come out from there.

Anybody can help ?

Thanks