Messages - cttechcorp

#1
24.1, 24.4 Legacy Series / Re: Upgraders beware
February 15, 2024, 06:06:53 PM
I 100% agree. I have had terrible issues since the latest upgrades.


  • IPSec Firewall Rules no longer get created for IP Alias or secondary interfaces.
  • Firewall State table is unusable; search doesn't seem to work at all.
  • Making changes to any interface resets them all.

Things in OPNsense have usually just worked for me without a hitch; now everything is going haywire!



#2
21.1 Legacy Series / Port Alias List/Table
June 22, 2021, 04:52:49 PM
We use the URL Table to pull an internally maintained blacklist of IPs across all of our firewalls. Is it possible to add a "Port" Table as well, to pull a list of dynamic ports into an alias?
#3
21.1 Legacy Series / Log Filter
March 02, 2021, 04:29:19 AM
Is there a way to revert to the older log filter, or add a free-text field?

I prefer to use the regex/wildcard filter format.
#4
So... the problem appears to have been an IP Alias I added....

Specifically the Gateway Address. I entered the same gateway address for the alias as my primary WAN interface.

Leaving the field empty fixed my outbound communication problems.
#5
I've updated from 17 to 18, and have been configuring additional security and IDS on our firewall over the past week. At some point I have broken my system.

Updating URL Alias is broken
Trace-route works (but not via ICMP)
Firmware updates are unable to locate mirror
Firmware security audit "pkg: No route to host"
System logs say update_tables.py: error fetching alias url. 
Custom routes: none
Default gateway route appears in the table correctly. 
I can ping the WAN default gateway IP on the firewall itself, but nothing past it.
I can ping the WAN default gateway IP from the LAN net, and everything past it.

It acts like my WAN gateway (cable modem) is blocking outbound ICMP, but ISP says everything is fine, and test pings from the cable modem itself are successful.

I'm not sure what I have broken.

I've tried disabling all the unnecessary services. I've disabled all of my new firewall rules. I've reviewed all the system logs. There is nothing in the firewall logs about ICMP traffic or otherwise being blocked.

Can anyone point me in the right direction? I'm not sure if something broke during the update or if a setting has changed to break the system.