OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of massa »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - massa

Pages: [1]
1
20.1 Legacy Series / Re: Getting just around ~200Mbit of 1Gbit Bandwidth
« on: May 02, 2020, 10:37:08 pm »
Not doing PPPoE fortunately :)

I just dropped the APU1 for now and search for new HW. As I have read in the roadmap the next OPNsense version should be based on FreeBSD12. This does also mean newer WiFi cards are supported using AC standard.
So I am now thinking of waiting for that and then buying HW which can act as a full router/FW/Access Point.

Thanks all for your replies!

2
20.1 Legacy Series / Re: Getting just around ~200Mbit of 1Gbit Bandwidth
« on: April 26, 2020, 09:19:29 am »
Hmm.. You are right it seems it is indeed the HW.
The only weird thing is that the CPU doesn´t show a high load while doing a speedtest...
I might order a newer box then for testing.

Thanks for your support!

3
20.1 Legacy Series / Getting just around ~200Mbit of 1Gbit Bandwidth
« on: April 26, 2020, 08:41:53 am »
Hi guys,

just upgraded my ISP connection to 1Gbit, finally :)
Unfortunately I just get between 200 and 300Mbit via speedtest.net. If I connect directly to my ISP's Fritzbox I get the full 940Mbit.
For testing I´m currently directly connected with my PC to the OPNsense box. HW should not be an issue, using this APU Board: https://www.apu-board.de/produkte/apu1d4.html
CPU is an AMD G-T40E and also during speedtests it seems to be bored using "top".
No Intrusion Detection is enabled. MTU is on default which should be good I think.

Any ideas? I did some research already but was not able to find anything helpful...

4
20.1 Legacy Series / Re: Getting wrong SSL certificate of public website
« on: April 19, 2020, 09:39:54 am »
I use Pi-Hole in my LAN which is pointing to opnsense wherefrom unboundDNS should forward DNS requests to my ISPs DNS servers. This setup works totally fine without the mentioned website...
I don´t really get where the problem could be? Wouldn´t I get SSL warnings for all websites then?

But you are right - there is the difference between my LAN und Guest net as Guest clients just get my ISPs DNS servers via DHCP and not the Pi-Hole.

UPDATE: When I manually set my notebook's DNS to my ISP's servers it works fine but running through Pi-Hole --> OPNsense --> ISP DNS it returns the wrong certificate. I just don´t get why this only happens for this specific site?
I also found out that I only have the issue with the subdomain https://registry.npmjs.org/
https://npmjs.org works fine!


5
20.1 Legacy Series / Getting wrong SSL certificate of public website
« on: April 19, 2020, 09:04:29 am »
Hi all,

I have an iobroker instance running on a raspberry behind my opnsense. Unfortunately I am not able to update my adapters as I always get the following error:
Code: [Select]
ERR! code ERR_TLS_CERT_ALTNAME_INVALIDnpm ERR! errno ERR_TLS_CERT_ALTNAME_INVALID
npm
 ERR! request to https://registry.npmjs.org/iobroker.hm-rega failed, reason: Hostname/IP does not match certificate's altnames: Host: registry.npmjs.org. is not in the cert's altnames: DNS:a.sni.fastly.net, DNS:a.sni.global-ssl.fastly.net
When I access https://registry.npmjs.org/iobroker.hm-rega from my usual LAN network via my notebook I get an SSL warning as well.
When I switch to my guest WiFi (also running through OPNsense in a dedicated VLAN) I get the correct SSL certificate and no warning when accessing the website.

I use a TP-Link router flashed with openwrt as an access point and LAN Switch!

What could be issue here? Any ideas?

6
German - Deutsch / Re: Traffic eines Clients durch OpenVPN Tunnel ins Internet routen
« on: November 15, 2016, 05:07:23 pm »
Keine Ahnung warum, aber jetzt funktionierts plötzlich ^^
Danke für die Hilfe!

7
German - Deutsch / Re: Traffic eines Clients durch OpenVPN Tunnel ins Internet routen
« on: November 15, 2016, 04:39:33 pm »
Ui das ging flott!
Ich hatte tatsächlich noch keine NAT Regel erstellt, sieht jetzt so aus:
Interface       Source                Source Port   Destination   Destination Port   NAT Address   NAT Port   Static Port   
OPT2      192.168.10.0/24          *                     *                      *                  OPT2 address       *             NO

Funktioniert nur leider immer noch nicht ^^

8
German - Deutsch / Traffic eines Clients durch OpenVPN Tunnel ins Internet routen
« on: November 15, 2016, 03:28:16 pm »
Hallo zusammen,

ich bin gestern von pfSense auf OPNsense umgestiegen und ich hab irgendwie ein Brett vorm Kopf glaube ich..
Bitte helft mir es wieder loszuwerden :)

Ich habe folgenden Aufbau:

Server 1                             Internet                        Server 2
Client -> OPNsense <===OpenVPN Tunnel===> Ubuntu OpenVPN Server

Ich habe eine Connection laut Logfile und der Connection status anzeige.
Ich habe ein neues Interface zugewiesen und aktiviert und danach eine Firewall Regel für das neue Interface mit allow any erstellt. Zuletzt eine weitere Regel im LAN Interface mit der Client IP als Source und das neue Gateway welches automatisch erstellt worden ist für die VPN Strecke.
Dennoch wird kein Traffic durch den Tunnel geleitet sondern alles lokal ins Internet!

Ich komme einfach nicht darauf was ich vergessen haben könnte  ???

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2