OPNsense
Messages - u89

1
23.1 Legacy Series / Re: Default deny / state violation rule takes precedence over a custom rule
« on: June 19, 2023, 03:47:08 pm »
Yes, the rule is under the VLAN interface in Firewall > Rules > VLAN.

What I noticed in live view is that only TCP S flags (SYN) are allowed while A (ACK) are being blocked.

On the server side (it's a Proxmox server with 3 VLANs configured, 70, 71, 99, via one NIC bridge), when I ssh from a client in VLAN70 to the server IP address in VLAN70 everything is OK, but the issue occurs when reaching the VLAN99 Proxmox address from VLAN70. Here are 2 sessions; the first one works fine, the second is frozen:

Code:
# netstat -pant | grep ssh
tcp        0      0 192.168.70.10:22        192.168.70.103:34538    ESTABLISHED 2257291/sshd: root@
tcp        0   3604 192.168.99.10:22        192.168.70.103:54188    ESTABLISHED 2254739/sshd: root@

There's an ARP table for my Proxmox attached below. As I'm not a network expert, please let me know what outputs and commands could be valuable for diagnosing the problem.

2
23.1 Legacy Series / Re: Default deny / state violation rule takes precedence over a custom rule
« on: June 19, 2023, 12:19:56 pm »
Yes I did. Unfortunately it didn't help.

3
23.1 Legacy Series / Default deny / state violation rule takes precedence over a custom rule
« on: June 19, 2023, 02:24:12 am »
Hello. I have several VLANs. I want to allow vlan70 to access a host in vlan99 over ssh. Sounds easy, so I created a rule (img1).

I tried to ssh to the host from vlan70 to vlan99 and it worked, but the ssh connection freezes after a few seconds. OPNsense live view log attached as img2.

So at first my rule allows the connection, but after several seconds the auto-generated rule "Default deny / state violation rule" (img3) blocks the traffic. Why is it so?

4
22.1 Legacy Series / Re: After upgrade to v22 Opnsense crashes very often
« on: March 29, 2022, 10:53:39 pm »
The same issue:
https://forum.opnsense.org/index.php?topic=27706.0

5
22.1 Legacy Series / Re: Opnsense Randomly Rebooting since 22.1.4 Update
« on: March 29, 2022, 10:53:15 pm »
The same issue:
https://forum.opnsense.org/index.php?topic=27592.0

6
22.1 Legacy Series / Re: After upgrade to v22 Opnsense crashes very often
« on: March 29, 2022, 10:50:55 pm »
I've got exactly the same problem. All working fine, nothing special in logs, and suddenly a reboot. Does anybody have any clues how we can debug what causes the reboot? This also started happening after the upgrade to 22.1 in my case.

7
General Discussion / Re: Unbound fails to start on boot
« on: April 18, 2020, 11:13:18 pm »
I do confirm. When the OpenVPN server is set up for a single interface only, Unbound starts on boot without issues.

8
General Discussion / Re: Unbound fails to start on boot
« on: December 02, 2019, 11:07:27 pm »
I have this problem too, and YES, I have an OpenVPN server running.

9
General Discussion / Re: DHCP static mapped hostname to DNS resolver, without specifying IP
« on: May 22, 2019, 09:41:52 am »
This is how it ended up:
https://github.com/opnsense/core/issues/2946#issuecomment-493452319

10
General Discussion / DHCP static mapped hostname to DNS resolver, without specifying IP
« on: April 09, 2019, 09:36:38 am »
Hi. I configured DHCP Static Mappings for an interface without providing an IP address (only MAC + hostname). So I want the IPs to be assigned from the pool and the DNS resolver to get the mappings and serve them, but unfortunately it doesn't work. I've got the Register DHCP static mappings option checked under Unbound DNS -> General.
DNS resolution works fine when I add an IP address to DHCP Static Mappings, but this is not the way I want to go.

As you can see in the screenshot, devices get leases but no hostname assignments.

The situation was described on Netgate forums:
https://forum.netgate.com/topic/125306/dhcp-static-mapped-hostname-to-dns-resolver-without-specifying-ip

People claim this might be a pfSense bug, so maybe it was inherited by OPNsense.

Any clue how to get things to work? Or maybe someone can confirm that this is in fact a bug.
