"Quote from: franco on September 27, 2018, 04:04:04 PM
Enable checkbox "Disable Reply-to" under Firewall: Settings: Advanced.
Thank you so much, Franco! It's help.
Maybe OPNsense team can add this to the manuals?
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#1
18.7 Legacy Series / Re: 18.7.3 can't acces from WAN to ssh
September 27, 2018, 06:26:50 PMThank you so much, Franco! It's help.
Maybe OPNsense team can add this to the manuals?
#2
18.7 Legacy Series / Re: 18.7.3 can't acces from WAN to ssh
September 27, 2018, 03:12:00 PMQuote from: fabian on September 26, 2018, 06:44:19 PM
Your WAN is RFC1918 which is NOT routed to the public internet. You are probably behind a carrier grade nat which makes it impossible to reach your device via the internet or you are behind a home router which needs a port forward to make it work.
Yes, I know. This OPNsense installed on my server behind router.
It's IP - 192.168.88.120, my laptops IP - 192.168.88.85.
I want to connect from my laptop to OPNsense server with SSH.
All firewall rules is good (in my mind), all other settings is good (in my mind), but... I can't.
Any idea?
Quote from: marjohn56 on September 26, 2018, 06:16:21 PM
It takes all of 5 minutes to configure OpenVPN using the wizard, it's taken you longer than that already! 8)
Maybe it's good idea, but I want to connect via ssh, and not try everything in order to access from outside.
OPNsense is able to resolve the connection over ssh from the WAN network?
#3
18.7 Legacy Series / Re: 18.7.3 can't acces from WAN to ssh
September 26, 2018, 06:06:40 PMQuote from: qinohe on September 26, 2018, 05:35:57 PM
@ badwestguy,
You don't have option 'Block private networks' enabled on the WAN interface?
Greetings, mark
Both "Block private networks" and "Block bogon networks" is disabled.
Quote from: marjohn56 on September 26, 2018, 05:52:51 PM
Yes, use OpnVPN, then you can SSH into the LAN side of OPNsense without any issues.
It's much more harder to configure OpenVPN than only use ssh from WAN :)
#4
18.7 Legacy Series / Re: 18.7.3 can't acces from WAN to ssh
September 26, 2018, 05:39:07 PM
Thanks for answer, @marjohn56!
Yes, I know about the risks of using ssh at wan.
Now I want to configure web interface of the system (OPNsense) for using it in feature.
The main idea - edit files from wan port with sftp and ssh access.
Of course, I can doing it from PCs in LAN segment, but all this PC is virtual and it's not comfortable to work with OPNsense GUI from virtual PC with VNC.
Any idea how to connect from WAN to SSH?
Yes, I know about the risks of using ssh at wan.
Now I want to configure web interface of the system (OPNsense) for using it in feature.
The main idea - edit files from wan port with sftp and ssh access.
Of course, I can doing it from PCs in LAN segment, but all this PC is virtual and it's not comfortable to work with OPNsense GUI from virtual PC with VNC.
Any idea how to connect from WAN to SSH?
#5
18.7 Legacy Series / 18.7.3 can't acces from WAN to ssh
September 26, 2018, 01:56:44 PM
Hello OPNsense,
I recently decided to install opnsense as a firewall in my organization.
Before installing it as a main device, I decided to test its virtual version. Installed on one of the servers, indicated two virtual network adapters:
wan (dncp4) - 192.168.88.120/24 - received from my current router.
lan (static) - 10.10.1.1/24 - here works dhcp server
I created another virtual device (ubuntu 18.04) and connected it to the same network adapter.
After that, I turned on ssh on both network adapters (wan, lan), added rules for access, allowed the connection for root.
However, I have access only from the side of lan (from virtual ubuntu). The router remains unavailable from the wan network.
Configs here:
I recently decided to install opnsense as a firewall in my organization.
Before installing it as a main device, I decided to test its virtual version. Installed on one of the servers, indicated two virtual network adapters:
wan (dncp4) - 192.168.88.120/24 - received from my current router.
lan (static) - 10.10.1.1/24 - here works dhcp server
I created another virtual device (ubuntu 18.04) and connected it to the same network adapter.
After that, I turned on ssh on both network adapters (wan, lan), added rules for access, allowed the connection for root.
However, I have access only from the side of lan (from virtual ubuntu). The router remains unavailable from the wan network.
Configs here:
Pages1
