1
General Discussion / Re: How to configure Application Filter
« on: July 14, 2018, 09:53:55 pm »
Thanks I got it. Let me try it
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1] 2
2
General Discussion / How to configure Application Filter
« on: July 14, 2018, 05:53:34 pm »
Hi,
How to activate or configure the application filter in the IPS signature.
https://github.com/opnsense/rules#opnsense-suricata-application-detection
I need your help.
Regards,
Deepak Kumar
How to activate or configure the application filter in the IPS signature.
https://github.com/opnsense/rules#opnsense-suricata-application-detection
I need your help.
Regards,
Deepak Kumar
3
General Discussion / Re: Planning to use as Internal Segmentation Firewall (ISFW)
« on: July 14, 2018, 04:00:02 pm »
Thanks for your information. What about if I will give 32Gb RAM with HP Gen9 DL380 (16 core CPU) dedicated server for this firewall.
https://www.hpe.com/us/en/product-catalog/servers/proliant-servers/pip.specifications.hpe-proliant-dl380-gen9-server.7271241.html
Regards,
Deepak Kumar
https://www.hpe.com/us/en/product-catalog/servers/proliant-servers/pip.specifications.hpe-proliant-dl380-gen9-server.7271241.html
Regards,
Deepak Kumar
4
General Discussion / Planning to use as Internal Segmentation Firewall (ISFW)
« on: July 14, 2018, 02:50:54 pm »
Dear All,
I am planning to use the Opensense firewall as ISFW in my office datacenter. As per basic requirement, I need 40 Gbps speed for "east-west" traffic. My planning to implement this with 8 vCPU, 16 Gb RAM.
Please guide, will it handle the 40Gbps throughput? I want IPS + Antivirus + Some Basic Firewall Rules. But the most important topic, It will work in Bridge mode.
Regards,
Deepak Kumar
I am planning to use the Opensense firewall as ISFW in my office datacenter. As per basic requirement, I need 40 Gbps speed for "east-west" traffic. My planning to implement this with 8 vCPU, 16 Gb RAM.
Please guide, will it handle the 40Gbps throughput? I want IPS + Antivirus + Some Basic Firewall Rules. But the most important topic, It will work in Bridge mode.
Regards,
Deepak Kumar
5
General Discussion / Re: Secondary gateway / Route not working
« on: May 15, 2018, 01:07:07 pm »
Its resolved after configuring the Floating rules in the firewall.
Regards,
Deepak Kumar
Regards,
Deepak Kumar
6
General Discussion / flowd_aggregate is not running after update 18.1.6-i386?
« on: April 18, 2018, 07:20:27 am »
Hi,
Getting below error:
flowd_aggregate.py: flowd aggregate died with message Traceback (most recent call last): File "/usr/local/opnsense/scripts/netflow/flowd_aggregate.py", line 148, in run aggregate_flowd(do_vacuum) File "/usr/local/opnsense/scripts/netflow/flowd_aggregate.py", line 85, in aggregate_flowd stream_agg_object.cleanup(do_vacuum) File "/usr/local/opnsense/scripts/netflow/lib/aggregate.py", line 277, in cleanup self._update_cur.execute('delete from timeserie where mtime < :expire', {'expire': expire_timestamp}) DatabaseError: database disk image is malformed
Regards,
Deepak Kumar
Getting below error:
flowd_aggregate.py: flowd aggregate died with message Traceback (most recent call last): File "/usr/local/opnsense/scripts/netflow/flowd_aggregate.py", line 148, in run aggregate_flowd(do_vacuum) File "/usr/local/opnsense/scripts/netflow/flowd_aggregate.py", line 85, in aggregate_flowd stream_agg_object.cleanup(do_vacuum) File "/usr/local/opnsense/scripts/netflow/lib/aggregate.py", line 277, in cleanup self._update_cur.execute('delete from timeserie where mtime < :expire', {'expire': expire_timestamp}) DatabaseError: database disk image is malformed
Regards,
Deepak Kumar
7
General Discussion / Schedule for start services or disable a service for specific time
« on: March 13, 2018, 09:25:37 am »
Hi,
Many of times my team members where disabled the IPS or some firewall rules and many of times he forgot to enable it back. Is there any way to make an auto script or schedule for enable the service back after a certain time period.
Regards,
Deepak Kumar
Many of times my team members where disabled the IPS or some firewall rules and many of times he forgot to enable it back. Is there any way to make an auto script or schedule for enable the service back after a certain time period.
Regards,
Deepak Kumar
8
General Discussion / Purpose of Notification setting
« on: March 13, 2018, 09:22:51 am »
Dear All,
Can anyone explain that what is the purpose the notification setting configuration under the system-setting? I configured the notification setting one year before and its working fine but I never got any notification from firewall site.
1. How can I enable the notification on user login?
2. How can enable the notification on any IPS detection?
3. How Can enable the notification of any configuration changes as disabling the feature etc?
Regards,
Deepak Kumar
Can anyone explain that what is the purpose the notification setting configuration under the system-setting? I configured the notification setting one year before and its working fine but I never got any notification from firewall site.
1. How can I enable the notification on user login?
2. How can enable the notification on any IPS detection?
3. How Can enable the notification of any configuration changes as disabling the feature etc?
Regards,
Deepak Kumar
9
General Discussion / ClamAV in Bridge (Transport) mode without proxy
« on: January 28, 2018, 12:43:19 pm »
Hi,
I am using OPNSense in transport mode in my office. I want to use its AntiVirus feature as ClamAV without any proxy configuration.
Can you guide me, is it possible? and will it work without any proxy configuration?
Regards,
Deepak Kumar
I am using OPNSense in transport mode in my office. I want to use its AntiVirus feature as ClamAV without any proxy configuration.
Can you guide me, is it possible? and will it work without any proxy configuration?
Regards,
Deepak Kumar
10
General Discussion / returned exit status 1
« on: December 11, 2017, 10:08:50 am »
Hi Support Team,
I am trying to update IPS and System firmware. But I got "returned exit status 1" error message and update not happening. I can ping Internet from my firewall but an update is not happening.
Please guide me to error "Returned exit Status 1"
Thanks,
Deepak Kumar
I am trying to update IPS and System firmware. But I got "returned exit status 1" error message and update not happening. I can ping Internet from my firewall but an update is not happening.
Please guide me to error "Returned exit Status 1"
Thanks,
Deepak Kumar
11
General Discussion / Secondary gateway / Route not working
« on: October 30, 2017, 12:33:57 pm »
Hi Everyone,
I am facing an issue with a route. I am using OPNsense firewall in Bridge mode. My Internal Network (behind the l3 Core Sw) is on 10.10.10.0/24 series and my ISP router to L3 Switch Uplink (Firewall is between of both) are on 10.10.11.0/24 series.
I have added a default route toward to WAN, is working fine. But I have added a static route toward to my L3 Switch and Internal LAN is not working fine.
Firewall routing table is:
root@FO-FIREWALL:~ # netstat -r
Routing tables
Internet:
Destination Gateway Flags Netif Expire
default 10.10.11.1 UGS bridge0
google-public-dns- 10.10.11.1 UGHS bridge0
10.10.10.0/24 10.10.11.3 UGS bridge0
10.10.10.21 10.10.11.3 UGHS bridge0
10.10.11.0/24 link#7 U bridge0
10.10.11.2 link#7 UHS lo0
10.10.11.3 02:14:a0:a5:14:00 UHS bridge0
localhost link#4 UH lo0
When I am trying to my 10.10.10.0 series system then getting the following error:
root@FO-FIREWALL:~ # ping 10.10.10.1
PING 10.10.10.1 (10.10.10.1): 56 data bytes
36 bytes from 10.10.11.1: Redirect Host(New addr: 10.10.11.3)
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 0054 607e 0 0000 3f 01 f214 10.10.11.2 10.10.10.1
36 bytes from 10.10.11.1: Time to live exceeded
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 0054 607e 0 0000 01 01 3015 10.10.11.2 10.10.10.1
36 bytes from 10.10.11.1: Redirect Host(New addr: 10.10.11.3)
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 0054 3da3 0 0000 3f 01 14f0 10.10.11.2 10.10.10.1
36 bytes from 10.10.11.1: Time to live exceeded
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 0054 3da3 0 0000 01 01 52f0 10.10.11.2 10.10.10.1
Please help to troubleshoot the issue.
Thanks,
Deepak Kumar
I am facing an issue with a route. I am using OPNsense firewall in Bridge mode. My Internal Network (behind the l3 Core Sw) is on 10.10.10.0/24 series and my ISP router to L3 Switch Uplink (Firewall is between of both) are on 10.10.11.0/24 series.
I have added a default route toward to WAN, is working fine. But I have added a static route toward to my L3 Switch and Internal LAN is not working fine.
Firewall routing table is:
root@FO-FIREWALL:~ # netstat -r
Routing tables
Internet:
Destination Gateway Flags Netif Expire
default 10.10.11.1 UGS bridge0
google-public-dns- 10.10.11.1 UGHS bridge0
10.10.10.0/24 10.10.11.3 UGS bridge0
10.10.10.21 10.10.11.3 UGHS bridge0
10.10.11.0/24 link#7 U bridge0
10.10.11.2 link#7 UHS lo0
10.10.11.3 02:14:a0:a5:14:00 UHS bridge0
localhost link#4 UH lo0
When I am trying to my 10.10.10.0 series system then getting the following error:
root@FO-FIREWALL:~ # ping 10.10.10.1
PING 10.10.10.1 (10.10.10.1): 56 data bytes
36 bytes from 10.10.11.1: Redirect Host(New addr: 10.10.11.3)
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 0054 607e 0 0000 3f 01 f214 10.10.11.2 10.10.10.1
36 bytes from 10.10.11.1: Time to live exceeded
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 0054 607e 0 0000 01 01 3015 10.10.11.2 10.10.10.1
36 bytes from 10.10.11.1: Redirect Host(New addr: 10.10.11.3)
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 0054 3da3 0 0000 3f 01 14f0 10.10.11.2 10.10.10.1
36 bytes from 10.10.11.1: Time to live exceeded
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 0054 3da3 0 0000 01 01 52f0 10.10.11.2 10.10.10.1
Please help to troubleshoot the issue.
Thanks,
Deepak Kumar
12
General Discussion / Re: Transparent Filtering Bridge problem
« on: September 22, 2017, 05:21:29 pm »
If you have L3 switch for your LAN and using VLAN routing then please configure a new route toward to switch also.
13
General Discussion / Secondary gateway not working
« on: September 03, 2017, 09:53:01 pm »
I am using version OPNsense 17.7.1_2-i386 as Bridge mode. My network topology as
(Router 10.10.9.1)-------->OPNSsense (10.10.9.2)------->(L3 Switch)------>10.10.11.0/24
(10.10.9.3)|
|------>10.10.30.0/24
I have two gateway on firewall
1. 10.10.9.1 (Default)
2. 10.10.9.3
I have added two routes for my internal subnets.
But the gateway which I will be added in the first row is working for all. It does not use my static route for internal vlans. If I will add the first gateway as 10.10.9.3 (not default gateway marked) then it is working fine but another gateway (default) is not working.
Please guide me, How I will troubleshoot the issue?
Thanks,
Deepak
(Router 10.10.9.1)-------->OPNSsense (10.10.9.2)------->(L3 Switch)------>10.10.11.0/24
(10.10.9.3)|
|------>10.10.30.0/24
I have two gateway on firewall
1. 10.10.9.1 (Default)
2. 10.10.9.3
I have added two routes for my internal subnets.
But the gateway which I will be added in the first row is working for all. It does not use my static route for internal vlans. If I will add the first gateway as 10.10.9.3 (not default gateway marked) then it is working fine but another gateway (default) is not working.
Please guide me, How I will troubleshoot the issue?
Thanks,
Deepak
14
General Discussion / Re: suricata not detect!
« on: July 24, 2017, 09:09:22 pm »
There are many reasons
1. May be IPS mode not enabled
2. May be IPS signature not enabled
3. Right Interface is not selected etc
Please share your network diagram and firewall configurations.
1. May be IPS mode not enabled
2. May be IPS signature not enabled
3. Right Interface is not selected etc
Please share your network diagram and firewall configurations.
15
General Discussion / How can I update 17.7.10 to 17.7.r2?
« on: July 24, 2017, 08:58:41 pm »
Hi,
I am using 17.7.10 (today update) but there is some other updating also available (17.7.r2).
Please guide me.
How can I update 17.7.10 to 17.7.r2?
Regards,
Deepak Kumar
I am using 17.7.10 (today update) but there is some other updating also available (17.7.r2).
Please guide me.
How can I update 17.7.10 to 17.7.r2?
Regards,
Deepak Kumar
Pages: [1] 2