Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - jwoodard80

#1
Welcome any thoughts or feedback on the below suggestion. If I am missing something and it is already in place please help me with finding this. :-)

I have multiple sites that am having to make several changes that could break access right there (Network address changes, Firewall changes, Routing, Etc.)  ........ I'm scared. HAHA!

The remote sites have 0.75% technical experience.... I was thinking about my MikroTik days and remember that if I happened to make a incorrect change that those changes would be reverted if I failed to connect back or didn't apply them within X time.

If this or anything like it sounds reasonable I would be happy to help test this

I was wondering if something similar couldn't be added here. It might not have to be enabled by default, but, could be enabled/disabled before someone attempted breaking changes.

Example:  Admin has to change a WAN IP

--- Working Correctly

     - Admin logs in and enables "Breaking Changes Mode" (Or whatever better name)
          -- The working config is immediately "snapshot or backed up"
          -- Working config is placed as the config to be used on reboot
          -- Timer Starts 
          -- Notification Alert shows at top
     - Admin makes changes just as they normally would
     - Tests changes and is happy with results
     - Disables "Breaking Changes Mode"
          -- Previous backed up config is then removed to prevent use on reboot.


--- Failed Change

     - Admin logs in and enables "Breaking Changes Mode" (Or whatever better name)
          -- The working config is immediately "snapshot or backed up"
          -- Working config is placed as the config to be used on reboot
          -- Notification Alert shows at top
     - Admin makes changes just as they normally would
     - Finds they have made a mistake and are unable to connect back to the GUI
     - Connection timer expires, or some other defined trigger
     - Breaking Changes Mode begins
          -- Previous Snapshot is automatically restored
          -- Router is Rebooted (if needed)
          -- Other actions such as logging the issue, etc...
     - Admin wait for completion of restore
     - Admin is able to start again, thankful they have not messed up and now having to make a multiple day trip



#2
Same here... I love them and have been watching ebay for when they come up. I just got one that was a 115 for $31 since they didn't have a PS for it.

Just bought 6 with rack mounts for $75. We had been running PFSense on Dell optiplexes at our warehouses and new boss wanted to change to more application specific hardware. I was able to get him to move to OPNSense on them all since that is what I use at home and I explained it had a much more stable release cycle. Netgate moving away from PFSense "Community Edition" and me telling him about their less than adult practices and attitude pushed him over as well.

Cannot say enough good things about them.
#3
19.7 Legacy Series / Re: Trouble with DHCPD
March 03, 2020, 04:06:06 AM
I just wanted to acknowledge this as well. I'm going to turn in a issue on github. I worked for a good bit wondering why the lease wouldn't show only to find out that it was set in another vlan and wouldn't show again.
#4
General Discussion / Feature Request - Notes
September 16, 2019, 07:38:14 PM
I'm not sure if it's been suggested before as I didn't see it in my searches.

I would like to suggest the idea of a "Notes" section. The idea would be for internal documentation of router settings, etc.

I don't see the need for anything elaborate really as this wouldn't be for main documentation, just notes for whomever is maintaining the router regarding why things were setup how they were, contact information, etc.

My thought would be it would be a tab under services and basically be a online editor.

Thoughts?


#5
I thought I would post how I got this working.... I do want to first give credit to the PFSense forum where I found the answer. https://forum.netgate.com/topic/102869/openvpn-traffic-graphs

Answer: You have to create a new interface in "Assignments" with the ovpns1 interface that should be created when you setup OpenVPN.


Once created, you will enable the interface and then have the option to rename the interface. Make sure IPv4/6 configuration types are "none" and then save. No firewall rules should be needed or any further configuration at this point.


HOWEVER!!!! .... The forum post mentions you MUST reboot before it works. I would see traffic on the graph but no pings. I had everything configured right but it simply did not work until I rebooted. Then all was well again.

EDIT: As mentioned by Animosity022, you may be able to restart the VPN Server and everything work. No one was home so there was no issue rebooting my router so I did.