1
16.7 Legacy Series / Re: 16.7.10 how to revert back to 16.7.9
« on: December 09, 2016, 12:37:04 am »
Versions OPNsense 16.7.10-amd64
FreeBSD 10.3-RELEASE-p11
LibreSSL 2.4.4
FreeBSD 10.3-RELEASE-p11
LibreSSL 2.4.4
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1] 2
2
16.7 Legacy Series / 16.7.10 how to revert back to 16.7.9
« on: December 09, 2016, 12:10:38 am »
This update has broken my VPN / Virtual Gateway connections.
How do i revert back to 16.7.9 please
seeing this in the log
configd.py: unable to sendback response [OK ] for [filter][reload][None] {e4d2f24c-3fe2-4951-9d29-1633b9dc70f1}, message was Traceback (most recent call last): File "/usr/local/opnsense/service/modules/processhandler.py", line 202, in run self.connection.sendall('%s\n' % result) File "/usr/local/lib/python2.7/socket.py", line 228, in meth return getattr(self._sock,name)(*args) error: [Errno 32] Broken pip
How do i revert back to 16.7.9 please
seeing this in the log
configd.py: unable to sendback response [OK ] for [filter][reload][None] {e4d2f24c-3fe2-4951-9d29-1633b9dc70f1}, message was Traceback (most recent call last): File "/usr/local/opnsense/service/modules/processhandler.py", line 202, in run self.connection.sendall('%s\n' % result) File "/usr/local/lib/python2.7/socket.py", line 228, in meth return getattr(self._sock,name)(*args) error: [Errno 32] Broken pip
3
16.7 Legacy Series / UPNP over OPENVPN Gateway + Plex
« on: November 25, 2016, 10:00:19 am »
In the UPNP settings for Interfaces, there is no option to select the OpenVPN Client Gateway.
I have three VPN interfaces defined and a gateway for interface down.
I can't use UPNP with plex unless the VPN Gateway is included.
I have three VPN interfaces defined and a gateway for interface down.
I can't use UPNP with plex unless the VPN Gateway is included.
4
16.7 Legacy Series / Floating Rules don't work properly.
« on: November 18, 2016, 11:45:48 am »
I have two LAN segments green and blue.
WAN is connected via OpenVPN.
I have a work laptop which i want to bypass the VPN and go over normal WAN.
If i set on Firewall-Rule on
Interface Green0
Proto Any
Source mylaptop
destination Any
Gateway Red0_DHCP
it is working.
if i try to make this rule as a floating rule
Interface Green0, Blue0
Proto Any
Direction (tried both out and in)
Source mylaptop
Destination Any
Gateway Red0_dhcp
It continues to route via OpenVPN and not the Red interface.
This is also true for a DNS rule.
I have to make a separate DNS rule on the green and blue interface
Proto TCP/UDP
Source Any
Port Any
Destination Any
Port 53
Gateway *
This is working.
If i make a floating rule.
The services that use the openVPN work, but mylaptop doesn't resolve DNS names.
WAN is connected via OpenVPN.
I have a work laptop which i want to bypass the VPN and go over normal WAN.
If i set on Firewall-Rule on
Interface Green0
Proto Any
Source mylaptop
destination Any
Gateway Red0_DHCP
it is working.
if i try to make this rule as a floating rule
Interface Green0, Blue0
Proto Any
Direction (tried both out and in)
Source mylaptop
Destination Any
Gateway Red0_dhcp
It continues to route via OpenVPN and not the Red interface.
This is also true for a DNS rule.
I have to make a separate DNS rule on the green and blue interface
Proto TCP/UDP
Source Any
Port Any
Destination Any
Port 53
Gateway *
This is working.
If i make a floating rule.
The services that use the openVPN work, but mylaptop doesn't resolve DNS names.
5
16.7 Legacy Series / Re: [SOLVED] UPNP seems not working anymore since update to 16.7
« on: November 13, 2016, 07:32:06 am »
Franco, the problem is under the Services, UPNP, Settings, Interfaces:
there are only;
Blue, Green, Red, Opt1, Opt2, Opt3
there is no Openvpn interface.
As i have openvpn setup as a client going to Opt1, 2, 3 for failover no ports are opened.
I note this same issue appears on the pfsense board as well.
there are only;
Blue, Green, Red, Opt1, Opt2, Opt3
there is no Openvpn interface.
As i have openvpn setup as a client going to Opt1, 2, 3 for failover no ports are opened.
I note this same issue appears on the pfsense board as well.
6
16.7 Legacy Series / Re: [SOLVED] UPNP seems not working anymore since update to 16.7
« on: November 12, 2016, 02:17:10 pm »
It doesn't work for me.
But I note there is no OPENVPN interface, so don't see how it can be setup to work anyway.
But I note there is no OPENVPN interface, so don't see how it can be setup to work anyway.
7
16.7 Legacy Series / Re: UDP timeout settings for SIP
« on: November 09, 2016, 06:16:53 pm »
openvpn udp / expressvpn with multiple connections and gateway for latency and packetloss
8
16.7 Legacy Series / Re: UDP timeout settings for SIP
« on: November 09, 2016, 11:39:28 am »
found it, thanks.
Issue seemed to be with the vpn - although i didn't have the issue when there were no rules.
I setup the VOIP connection to bypass the vpn and it seems to work now.
Issue seemed to be with the vpn - although i didn't have the issue when there were no rules.
I setup the VOIP connection to bypass the vpn and it seems to work now.
9
16.7 Legacy Series / UDP timeout settings for SIP
« on: November 09, 2016, 08:03:37 am »
I have a single sip phone and have set the NAT rules up.
Connections work and outgoing/incoming calls work, however are talking for sometime the call drops.
i see on pfsense forums that they say the default UDP timeout is too aggressive for sip and needs to be increased.
it that true for opnsense as well? if so, where do we do it?
Connections work and outgoing/incoming calls work, however are talking for sometime the call drops.
i see on pfsense forums that they say the default UDP timeout is too aggressive for sip and needs to be increased.
it that true for opnsense as well? if so, where do we do it?
10
16.7 Legacy Series / how to exclude individual machine from going via openvpn
« on: November 08, 2016, 10:58:09 am »
after some struggles, i managed to get opnsense setup so that it connects to 3 separate locations of my VPN provider and routes that traffic from two separate lan segments via the vpn. the vpn balancing based on packet loss and latency seems to work as i verified that provider point changes throughout the day.
i have a work laptop which connects via a vpn client on the laptop. obviously i don't need to route this via my home vpn.
can someone advise how i set this up to exclude the client which could potentially connect via either of the two lan segments.
gracias
i have a work laptop which connects via a vpn client on the laptop. obviously i don't need to route this via my home vpn.
can someone advise how i set this up to exclude the client which could potentially connect via either of the two lan segments.
gracias
11
16.7 Legacy Series / Re: Gateway group: connections not really balanced
« on: November 03, 2016, 11:46:20 pm »
Hi there,
I have trying to achieve the same thing you have succeeded in, but without success.
https://forum.opnsense.org/index.php?topic=3859.0
Would you mind to share your config steps please? I have followed the instructions for wan load balancing and so on, per my post...but i still can't get it to work properly.
The gateway service (apinger) doesn't start on boot - and the vpn works with dns resolution until i start the service.. then nothing works, but i see a route of 0.0.0.0 to the 3rd VPN...which does have traffic as my provider only allows to active connections at once.
I have trying to achieve the same thing you have succeeded in, but without success.
https://forum.opnsense.org/index.php?topic=3859.0
Would you mind to share your config steps please? I have followed the instructions for wan load balancing and so on, per my post...but i still can't get it to work properly.
The gateway service (apinger) doesn't start on boot - and the vpn works with dns resolution until i start the service.. then nothing works, but i see a route of 0.0.0.0 to the 3rd VPN...which does have traffic as my provider only allows to active connections at once.
12
16.7 Legacy Series / Re: newbie help with initial setup of VPN Client to Provider
« on: November 03, 2016, 09:07:35 pm »
This is very bizarre, i followed the instructions here https://docs.opnsense.org/manual/how-tos/multiwan.html i.e. regarding setting up the monitoring on the gateways, but for the VPNs.
Now:
- according to system/gateways page: vpn3 (tier 2) is down
- dashboard status, all 3x vpn connections are up
- system/routes/status / default gateway is vpn3
- vpn/status - all three are up
- firewall/rules/openvpn - green0/blue0 * * * Gateway = gateway pool name
- firewall/rules/vpn1&2&3 / no rules defined
- tracert goes via vpn3 (tier2) while other two are tier1
- if i change the gateway on the green0/blue/ to the pool as stated, routing doesn't go via vpn at all.
Now:
- according to system/gateways page: vpn3 (tier 2) is down
- dashboard status, all 3x vpn connections are up
- system/routes/status / default gateway is vpn3
- vpn/status - all three are up
- firewall/rules/openvpn - green0/blue0 * * * Gateway = gateway pool name
- firewall/rules/vpn1&2&3 / no rules defined
- tracert goes via vpn3 (tier2) while other two are tier1
- if i change the gateway on the green0/blue/ to the pool as stated, routing doesn't go via vpn at all.
13
16.7 Legacy Series / Re: newbie help with initial setup
« on: November 01, 2016, 05:46:47 pm »
I'm close, but not there yet and could use some help.
a) 3x VPN Clients established (vpn0, vpn1, vpn3)
b) 3x interfaces defined (vint0, vint1, vpn2)
c) 1x Group (EVPN) round robin, all Tier1 vpn0, vpn1, Tier 2 vpn2
d) FW-Rules
OPENVPN source green0 to any - gateway EVPN
GREEN0 source green0 to any - gateway EVPN
VINT0 source green0 to any - gateway EVPN
VINT1 source green0 to any - gateway EVPN
VINT2 source green0 to any - gateway EVPN
3) FW-NAT-Outbound
VINTO source green0 to any nat VINTO
OpenVPN source green0 to any nat OpenVPN
I am doing something wrong, cause the clients on green0 are not routing through the VPN.
Not even talking about the vpn pool.
*** after reboot, routing goes via the vpn goes across vpn0 but doesn't auto re-reroute across vpn1 if i stop vpn0
a) 3x VPN Clients established (vpn0, vpn1, vpn3)
b) 3x interfaces defined (vint0, vint1, vpn2)
c) 1x Group (EVPN) round robin, all Tier1 vpn0, vpn1, Tier 2 vpn2
d) FW-Rules
OPENVPN source green0 to any - gateway EVPN
GREEN0 source green0 to any - gateway EVPN
VINT0 source green0 to any - gateway EVPN
VINT1 source green0 to any - gateway EVPN
VINT2 source green0 to any - gateway EVPN
3) FW-NAT-Outbound
VINTO source green0 to any nat VINTO
OpenVPN source green0 to any nat OpenVPN
I am doing something wrong, cause the clients on green0 are not routing through the VPN.
Not even talking about the vpn pool.
*** after reboot, routing goes via the vpn goes across vpn0 but doesn't auto re-reroute across vpn1 if i stop vpn0
14
16.7 Legacy Series / Re: fwbuilder compatibility
« on: November 01, 2016, 02:06:33 pm »
to be able to build a complete set of rules and then apply them at once.....
if something broken, quick reversion to the previous working ones.
i am beginner.....
if something broken, quick reversion to the previous working ones.
i am beginner.....
15
16.7 Legacy Series / fwbuilder compatibility
« on: November 01, 2016, 01:54:35 pm »
Does anyone know if http://www.fwbuilder.org is compatible with opnsense 16.7 such that the firewall rules can be built off line and trasnferred by ssh?
Pages: [1] 2