Messages

1

20.7 Legacy Series / Re: updating to 20.7.3 stopped at "reloading template wireguard"

« on: September 27, 2020, 05:49:30 am »

I rebooted sunday (safe noone was using it)
it rebooted fine, but i had to redo the update.

now all seems fine.

2

20.7 Legacy Series / updating to 20.7.3 stopped at "reloading template wireguard"

« on: September 25, 2020, 12:59:04 am »

Hi all,

Just updating the work firewall. Did the home unit no issues and the satellite site no issues. When I did the main site it's stopped and the last log entry is

"Reloading template OPNsense/Wireguard: OK"

now it's just sitting there. It says updating please wait.
its working at the moment and everything is fine, it just hasn't finished updating.
I'll have people in that office soon, my plan is wait until the end of the working day and reboot.

Any advice would be welcome

3

General Discussion / IPoE bridged to opnsense

« on: January 22, 2020, 11:34:21 am »

Hi Guys,

Appreciate any help or direction.
I'm from Australia and Just got my new NBN connection which is VDSL2 IPoE with ISP iiNet.
I have a thompson/telstra tg799vac which handles the vdsl fine.
When I bridge the modem I cannot get opnsense to connect.
I have set the WAN to DHCP, form what I've read that should connect and sync.
When I have the modem in router mode, it connects fine without any username or password so I don't think that is the issue.
Once I bridge the modem, the webgui for the modem shows the dsl is connected, I just cant get opnsesne to get through to the net.

Any ideas would be appreciated.

4

Hardware and Performance / Re: intel pro/1000 PT quad not recognised

« on: November 24, 2019, 12:13:33 am »

never mind,
for now it seems a hardware issue between this motherboard and this card.
card works fine in my hp workstation but not in the asus desktop motherboard

5

Hardware and Performance / Re: intel pro/1000 PT quad not recognised

« on: November 23, 2019, 09:45:48 pm »

I guess there's no easy answer, I'll try putting windows10 on the box to confirm this combination of card and mobo works, maybe the x16 slot and that card don't work together. That will at least narrow down the issues.

6

Hardware and Performance / intel pro/1000 PT quad not recognised

« on: November 23, 2019, 07:42:07 am »

Hi All,

I have the above installed. It's not being picked up opnsense 19.1.4 fresh install.
It s a pci x4 card, it's in a pci x16 slot. from what Ive read this shouldn't be an issue
I've installed it in a windows box before and it reports working properly in device manager.
I can't get it to work in opnsense.
I added if_em_load="YES" to the system tunables page and checked that is reflected in loader.conf.

just not sure what to try next

7

General Discussion / Re: logging user dhcp

« on: September 10, 2019, 02:35:15 am »

ok ill have look at what i can run outside of opnsense and send the logs there, thanks for taking the time

8

General Discussion / logging user dhcp

« on: September 04, 2019, 02:08:54 am »

Hi All,

I'd like to build a custom log/report that shows each dhcp lease for a device.
Mainly i want to see what time staff get into the office/turn on their computer.
I looked at the dhcp logs but they only show me about a day.
In a perfect world I'd like to set up a report that shows the previous weeks leases for a range of devices.
Can anyone point me in the right direction please?

9

General Discussion / Re: Unbound & BIND

« on: July 30, 2019, 02:52:48 pm »

I have the same setup at home, there is no overrides in that setup.

I looked at the unbound.conf file and the custom options were followed by the forwarding zone again.
I removed the custom options and changed the forwarding mode in the conf file to 127.0.0.1@53530.

I see a section for dns rebinding prevention which lists private addresses and includes the loopback address, should I take that out of the conf file?

hmm I just reinstalled it on my home install and watched the install for bind, there's notes i didnt see.

Code: [Select]

BIND requires configuration of rndc, including a "secret"
key.  The easiest, and most secure way to configure rndc is
to run 'rndc-confgen -a' to generate the proper conf file,
with a new random key, and appropriate file permissions.

The /usr/local/etc/rc.d/named script will do that for you.

If using syslog to log the BIND9 activity, and using a
chroot'ed installation, you will need to tell syslog to install
a log socket in the BIND9 chroot by running:

  # sysrc altlog_proglist+=named

And then restarting syslogd with: service syslogd restart
maybe its working fine but just not logging

10

General Discussion / Re: Unbound & BIND

« on: July 30, 2019, 08:23:50 am »

Thanks for taking the time to respond.

Yes, I need overrides to point host names though vpn to a remote site on a different subnet.

11

General Discussion / Unbound & BIND

« on: July 30, 2019, 08:14:09 am »

Hi all,

I have unbound running and have just tried to configure bind per https://www.routerperformance.net/opnsense/dnsbl-via-bind-plugin/
When I check the logs in BIND for 'queries' and 'blocked' they don't show any results.
Should these logs show all the dns queries forwarded by unbound?

12

19.1 Legacy Series / Re: Firewall Logs

« on: June 20, 2019, 08:45:08 am »

Try the Detail tab under Reporting-Insight menu.
I'm not sure if that provides what you are after.

13

Intrusion Detection and Prevention / IPS and Web Filtering

« on: June 20, 2019, 05:00:10 am »

Hi,

I have IPS running with an assortment of rules blocking. I also have web filtering still running.
I use shallalist in the ACL with advertising, spyware and trackers selected.
Is there any point to running the web filtering when the IPS is switched on?
I know it depends what rulesets I have but in general terms.