Messages

1

Intrusion Detection and Prevention / Re: In transparent bridge mode, can IPS be enabled on bridge interface

« on: December 11, 2018, 01:08:51 pm »

Hello
I have a computer with a transparent bridge configured, the ids filters the LAN and WAN gate, the Pattern matcher is aho-Corasick

2

General Discussion / Re: problem with external private ip's

« on: December 03, 2018, 06:58:14 pm »

Any ideas? Help

thanks

3

General Discussion / Re: problem with external private ip's

« on: November 27, 2018, 10:25:54 pm »

this is the log that the firewall shows me by ssh

Code: [Select]

00:00:00.005422 rule 6/0(match): block in on em0: (tos 0x0, ttl 124, id 20699, offset 0, flags [none], proto UDP (17), length 62)
    192.169.11.134.60302 > 200.50.96.90.53: 64208+ A? dns.msftncsi.com. (34)
 00:00:00.007765 rule 6/0(match): block in on em0: (tos 0x0, ttl 60, id 26297, offset 0, flags [DF], proto TCP (6), length 60)
     192.169.13.75.49852 > 168.195.56.81.443: Flags [S], cksum 0xe5c0 (correct), seq 2352920936, win 29200, options [mss 1460,sackOK,TS val 34335644 ecr 0,nop,wscale 7], length 0
 00:00:00.000006 rule 6/0(match): block in on em0: (tos 0x0, ttl 60, id 52630, offset 0, flags [DF], proto TCP (6), length 60)
     192.170.13.75.45642 > 31.13.94.24.443: Flags [S], cksum 0xeb20 (correct), seq 2724008523, win 29200, options [mss 1460,sackOK,TS val 34335644 ecr 0,nop,wscale 7], length 0
 00:00:00.003420 rule 6/0(match): block in on em0: (tos 0x0, ttl 60, id 5077, offset 0, flags [DF], proto TCP (6), length 492)
     192.169.15.224.41726 > 190.98.133.224.443: Flags [P.], seq 58273697:58274137, ack 2704364150, win 762, options [nop,nop,TS val 16704 ecr 2430859080], length 440
 00:00:00.016381 rule 6/0(match): block in on em0: (tos 0x0, ttl 124, id 22974, offset 0, flags [none], proto UDP (17), length 62)
     192.170.13.215.61705 > 200.50.96.90.53: 32118+ A? go.microsoft.com. (34)
 00:00:00.005550 rule 6/0(match): block in on em0: (tos 0x0, ttl 124, id 28225, offset 0, flags [none], proto UDP (17), length 69)
     192.169.15.228.54252 > 200.50.96.130.53: 34045+ A? win8.ipv6.microsoft.com. (41)
 00:00:00.047879 rule 6/0(match): block in on em0: (tos 0x0, ttl 60, id 9339, offset 0, flags [DF], proto UDP (17), length 73)
     192.169.16.155.36542 > 200.50.96.90.53: 54963+ A? googleads.g.doubleclick.net. (45)
 00:00:00.004089 rule 6/0(match): block in on em0: (tos 0x0, ttl 60, id 64968, offset 0, flags [DF], proto TCP (6), length 85)
     192.169.14.152.49406 > 31.13.94.14.443: Flags [P.], cksum 0x8e87 (correct), seq 265131073:265131106, ack 407923771, win 351, options [nop,nop,TS val 2651075 ecr 2507244509], length 33
 00:00:00.003133 rule 6/0(match): block in on em0: (tos 0x0, ttl 60, id 0, offset 0, flags [DF], proto TCP (6), length 64)
     192.170.14.22.51727 > 17.248.137.141.443: Flags [S], cksum 0x5ccb (correct), seq 1272202283, win 65535, options [mss 1460,nop,wscale 7,nop,nop,TS val 745643595 ecr 0,sackOK,eol], length 0
 00:00:00.000008 rule 6/0(match): block in on em0: (tos 0x0, ttl 124, id 947, offset 0, flags [none], proto UDP (17), length 89)
     192.169.14.123.54903 > 94.245.121.253.3544: UDP, length 61
 00:00:00.001896 rule 6/0(match): block in on em0: (tos 0x0, ttl 60, id 34749, offset 0, flags [none], proto TCP (6), length 1001)
     192.170.16.139.35191 > 172.217.192.95.443: Flags [P.], seq 1393307038:1393307987, ack 26




thanks

4

General Discussion / Re: problem with external private ip's

« on: November 27, 2018, 07:20:21 pm »

Hello, any ideas?

I've already tried creating rules in the lan interface with an ip's alias, but it does not work

Thank you

5

General Discussion / problem with external private ip's

« on: November 26, 2018, 10:23:22 pm »

Hello

I have a problem with an MPSL network,

the opnsense delivers a local dhcp to the router. in each site has dhcp.

I can navigate connected from the switch. but the traffic from the other site says Deny default rule.


How can I unblock these ip's?

thanks

Thank you

6

Hardware and Performance / problem with NIC DGE-560T

« on: November 21, 2018, 10:01:21 pm »

Hello

I have a computer with opnsense, with 2 nic Dlink DGE-560T, these nic work 10/00/1000.

The problem that I have happens when I connect the nic to a sw hp v1910- 24g the nic cards have a speed of 100, if I force the connection by the switch the port falls down. I attach images.
(the lan interface is integrated to the computer, the cable used is cat6 certified)



Interfaces



forcing the switch port



interface options




How can I solve this problem?

Thank you

7

General Discussion / Re: help to configure opnsense networks

« on: November 20, 2018, 04:15:04 pm »

I'm wrong this ip 10.1.0.1 

I already have a WAN and WIFI bridge, I need to see from the network 10.1.0.1 the ip 192.168.1.7

thanks

8

General Discussion / Re: help to configure opnsense networks

« on: November 19, 2018, 08:08:58 pm »

I already have a WAN and WIFI bridge, I need to see from the network 10.0.0.1 the ip 192.168.1.7

thanks

9

General Discussion / help to configure opnsense networks

« on: November 15, 2018, 10:26:39 pm »

Hello

I have a Firewall with two different networks

I have configured the WIFI and WAN interface as a transparent bridge (10.1.0.0), and I need to see a computer from that network as shown in the image.



how can I configure the opnsense so that I see the ip 192.168.1.7

thanks