Messages

1

Hardware and Performance / Re: DHCP service for multiple VLAN

« on: February 16, 2022, 02:53:32 am »

Thanks for giving me a good idea to start.

Let me share my experience:

Environment
SG-250 have 2 vlan with id 1,2, opnsense connect to vlan1

Opnsense side
1. add a vlan with id 2
2. assign interface for vlan2
3. enable dhcp service on vlan2

SG-250
1. configure opnsense port to trunk

That's all

2

Hardware and Performance / DHCP service for multiple VLAN

« on: February 15, 2022, 03:36:25 am »

Hello, everyone

I just got a cisco SG-250 switch and plan to create 2 VLAN on it.
Opnsense will connect to VLAN1. Is it possible to assign IP to
VLAN2 from opnsense dhcp service? I googled and found a similiar
topic years ago and it say it not possible.

If opnsense can not help, I should build a dhcp server on vlan1 and
use SG-250 dhcp relay feature to assign IP to VLAN2. Is this idea
correct?


Thanks,

3

19.1 Legacy Series / opnsense 19.1.8 serial console access problem

« on: May 31, 2019, 03:18:15 am »

Hi, all

I am runngin opnsense 19.1.8.If I uncheck 'Password protect the console menu' option, I can see full function menu in serial console. If I check 'Password protect the console menu' option, I got login prompt, I tried to login using a account which is ok for web ui, I got 'this account is currently not available' error and back to login prompt.
Is there anything I should check to get serial console access?


Thanks,
 

4

19.1 Legacy Series / Re: OpenVPN : Certificate is not intended for server use

« on: May 21, 2019, 03:28:20 am »

please take a look at this topic

https://forum.opnsense.org/index.php?topic=12092.0

seem the same issue, it might help

5

19.1 Legacy Series / Re: [SOLVED] Certificate check wrong result?

« on: May 19, 2019, 09:48:46 am »

I just migrate to opnsense today and got the same issue. Here is how I solve this problem:

When create certificate for openvpn server, you should have 'X509v3 key usage' and
'X509v3 Extended key usage' options. My first created certificate only has 3 'X509v3 key usage'
digital signaute, non repudiation, key encipherment, and this certificate wont work instead
showed describe error above. While create seconde certificate, I also select 3 'X509v3 Extended key usage'
TLS web server, TLS web client, code signing, and this one accepted by opnsense openvpn
server.

Hope this helps

6

Hardware and Performance / Re: Giga network hardware requirement

« on: February 15, 2018, 12:48:47 am »

Thank you very much for your advice. That explains why even Intel core i3 CPU cannot speed up network performance. My NIC are all PCI interface. I will try to replace NIC with PCIe interface.

7

Hardware and Performance / Re: Giga network hardware requirement

« on: February 14, 2018, 01:49:14 pm »

I thought HD is the bottleneck at first until I borrow this network applicance. OPNsense has 2 interface, DMZ and LAN. ftp server is connect to DMZ and my PC is connect to LAN. If OPNsense hardware is network appliance described earily post, transfer speed from DMZ to LAN can be up to 100Mb per second. If OPNsense hardware is my old PC, transfer speed from DMZ to LAN dropped to 50Mb per second. Upgrade PC's CPU will not increase transfer speed. I can't figure out why PC's transfer speed is slower than network applicance.
BTW: PC's NIC chip is Intel 82540EM.

8

Hardware and Performance / Giga network hardware requirement

« on: February 14, 2018, 02:53:58 am »

Hello, all

I am new to forum and use OPNsense for a while. I borrowed a network appliance which is similar to qotom, a small destop equipped Intel celeron N3060 and 4 i211 network port, which can transfer file using filezilla speeding up to 100MB  per second. But my own device is a old PC with AMD sempron 2200 CPU and 2 intel pro / 1000 network adapter for LAN and DMZ, this old PC can transfer file from DMZ to LAN using filezilla only up to 50MB per second. I tried to upgrade this old PC with Intel core i3 560 CPU and mother board once, but transfer speed still only limited to 50MB per second. I wonder what's the bottleneck limited my old PC network performance and how to improve it.

Any advice would be appreciated.