1
17.7 Legacy Series / Re: Daily backup configuration on Google Drive
« on: October 02, 2017, 08:34:15 pm »
Maybe not daily, but this would be useful...Is it possible to set up a cron job to get this done?
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
2
15.7 Legacy Series / Re: [SOLVED] Traffic Shaper for VoIP?
« on: August 04, 2017, 10:33:32 pm »
I know this is old, but is this the best way to shape traffic for VOIP?
3
17.1 Legacy Series / Set Up VPN WITHOUT TOTP
« on: June 15, 2017, 08:22:15 pm »
Hello and thank you in advance...
I have set up VPN access using the following howto:
https://docs.opnsense.org/manual/how-tos/sslvpn_client.html
I'd like to remove the TOTP so users just need a password to access the VPN. I know this is less secure, but I need this setup temporarily.
Do I just remove the TOTP VPN server, and the related information on the users, or do I need to replace the server with something?
Thank you,
dp
I have set up VPN access using the following howto:
https://docs.opnsense.org/manual/how-tos/sslvpn_client.html
I'd like to remove the TOTP so users just need a password to access the VPN. I know this is less secure, but I need this setup temporarily.
Do I just remove the TOTP VPN server, and the related information on the users, or do I need to replace the server with something?
Thank you,
dp
4
17.1 Legacy Series / Re: Unsure of IDS Status
« on: May 17, 2017, 02:09:26 pm »
Just to close this circle...
I did a factory reset and re-configured the firewall. All is well.
Thank you,
dp
I did a factory reset and re-configured the firewall. All is well.
Thank you,
dp
5
17.1 Legacy Series / Re: Unsure of IDS Status
« on: May 16, 2017, 09:46:33 pm »
Thank you for getting back.
OK...I thought I did that when I initially set up IDS/IPS. But just to be sure, I disabled all the rules, then disabled IDS and IPS.
Re-inabled and got the same result.
My FIrmware is 17.1.4 (2017-03-29). I understand that there is a more recent Firmware, but I cannot update to it. I tried using the default server and the server in Nebraska and I got the message: Could not find the repository on the selected mirror.
I am not sure if these are related, but just thought I'd give you all the information I have.
Thank you,
dp
OK...I thought I did that when I initially set up IDS/IPS. But just to be sure, I disabled all the rules, then disabled IDS and IPS.
Re-inabled and got the same result.
My FIrmware is 17.1.4 (2017-03-29). I understand that there is a more recent Firmware, but I cannot update to it. I tried using the default server and the server in Nebraska and I got the message: Could not find the repository on the selected mirror.
I am not sure if these are related, but just thought I'd give you all the information I have.
Thank you,
dp
6
17.1 Legacy Series / Re: Unsure of IDS Status
« on: May 16, 2017, 07:27:14 pm »
Sorry for the delay...
When I click "Download & Update Rules" the pinwheel spins for a moment then stops. The rules never show as "Installed"
What am I missing?
When I click "Download & Update Rules" the pinwheel spins for a moment then stops. The rules never show as "Installed"
What am I missing?
7
17.1 Legacy Series / Unsure of IDS Status
« on: May 03, 2017, 06:20:34 pm »
Hello and TYIA~
I followed these instructions:
https://docs.opnsense.org/manual/how-tos/ips.html
and am not getting the expected results. After enabling the IDS rules, they still show as "not installed" in the rule list. (see attached)
How can I tell if these rules are installed and working?
Thank you,
dp
I followed these instructions:
https://docs.opnsense.org/manual/how-tos/ips.html
and am not getting the expected results. After enabling the IDS rules, they still show as "not installed" in the rule list. (see attached)
How can I tell if these rules are installed and working?
Thank you,
dp
8
17.1 Legacy Series / Re: Restrict access To web server
« on: May 03, 2017, 05:01:58 pm »
Yes. That was my next solution.
Thank you!
Thank you!
9
17.1 Legacy Series / Restrict access To web server
« on: May 02, 2017, 10:04:22 pm »
Hello and thank you in advance...
I am not sure what to search for so please excuse me if this has been covered.
I have a webserver to which I would like only one or two people to have access from outside the network. Is it possible to restrict access to particular ports by Mac address or some other metric?
Although this server IS password protected, I am not crazy about having it hanging out there for the world to hack at.
Thank you,
dp
I am not sure what to search for so please excuse me if this has been covered.
I have a webserver to which I would like only one or two people to have access from outside the network. Is it possible to restrict access to particular ports by Mac address or some other metric?
Although this server IS password protected, I am not crazy about having it hanging out there for the world to hack at.
Thank you,
dp
10
17.1 Legacy Series / Re: !help! OPNSense configuration with OpenVPN and DD-WRT Netgear X6
« on: April 24, 2017, 06:20:49 pm »
Yep, what Noctur said.
11
17.1 Legacy Series / Re: !help! OPNSense configuration with OpenVPN and DD-WRT Netgear X6
« on: April 24, 2017, 03:47:30 am »
I just re-read your original post. It looks like you are having a two separate problems.
1. You can't VPN.
a. What are you trying to VPN to?
b. When you try to connect to the VPN are you outside of your network?
2. You cant connect when you are behind the router.
a. Why are you wanting to use a router behind a router?
If this is for WiFi access, then you should shut down EVERYTHING except the WiFi. Have the X6 pick up its address VIA DHCP from the OPNSense and have the clients also use the OPNSense as the DHCP server. I bet there is SOME programming on the X6 that is getting in the way of the OPNSense.
1. You can't VPN.
a. What are you trying to VPN to?
b. When you try to connect to the VPN are you outside of your network?
2. You cant connect when you are behind the router.
a. Why are you wanting to use a router behind a router?
If this is for WiFi access, then you should shut down EVERYTHING except the WiFi. Have the X6 pick up its address VIA DHCP from the OPNSense and have the clients also use the OPNSense as the DHCP server. I bet there is SOME programming on the X6 that is getting in the way of the OPNSense.
12
17.1 Legacy Series / Re: Slow throughput
« on: April 22, 2017, 11:06:00 pm »
Bart,
Thank you for taking the time. I have upgraded HW. I am now using a Dual Core Pentium and it is running MUCH more efficiently!
Thank you for the lesson.
dp
Thank you for taking the time. I have upgraded HW. I am now using a Dual Core Pentium and it is running MUCH more efficiently!
Thank you for the lesson.
dp
13
17.1 Legacy Series / Re: Slow throughput
« on: April 22, 2017, 02:46:08 am »
Incidentally, how do you determine that Suricata is the culprit by looking at the information I provided? I just want to learn to be more self-sufficient.
Thank you,
dp
Thank you,
dp
14
17.1 Legacy Series / Re: !help! OPNSense configuration with OpenVPN and DD-WRT Netgear X6
« on: April 22, 2017, 02:35:39 am »
I am also a newbie...If I were you, For testing purposes, just connect through a simple switch connected to the OPNSense box.
I would disable EVERYTHING on the X6 and just use it as an AP.
I would disable EVERYTHING on the X6 and just use it as an AP.
15
17.1 Legacy Series / Re: !help! OPNSense configuration with OpenVPN and DD-WRT Netgear X6
« on: April 22, 2017, 02:15:35 am »
It sounds like you may be double NAT'd. How is the X6 Configured?