Messages - nicholaswc

#1
I just upgraded my OPNsense to version 24.7_5-amd64. After upgrading, the dashboard always crashes. Please see the attached picture. I use this device as a router for the internal LAN; the routing service stopped during the crash. I stopped the WireGuard service and rebooted the device. The service resumed, but today when I came back from lunch, the dashboard crashed again.
#2
Thanks for your reply. I reinstalled the redis and ntopng services and restarted the firewall. It works.
#3
I just upgraded my firewall from 19.x to 21.1.5. The ntopng service can't be started now. I have tried reinstalling the redis and ntopng services, deleting the ntopng and redis folders before reinstalling the services. Here are the log records from when I restart the ntopng service:
Date                                 Process             Line
2021-05-24T14:25:59   root[54924]   /usr/local/etc/rc.d/ntopng: WARNING: failed to start ntopng   
2021-05-24T14:25:59   ntopng[92432]   [Redis.cpp:150] ERROR: to specify a redis server other than the default   
2021-05-24T14:25:59   ntopng[92432]   [Redis.cpp:149] ERROR: Please start it and try again or use -r   
2021-05-24T14:25:59   ntopng[92432]   [Redis.cpp:148] ERROR: ntopng requires redis server to be up and running   
2021-05-24T14:25:58   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:55   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:53   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:50   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:48   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:45   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:43   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:40   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:38   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:35   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:32   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:30   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:27   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:25   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:22   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]   
2021-05-24T14:25:20   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]
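The log above says what ntopng was waiting for: the rc script reports the failed start only after ntopng has given up on reaching Redis. The script below is an added example (not from the thread, not ntopng's or OPNsense's own code) that reduces the posted log to the facts a diagnosis needs, then probes Redis the way ntopng does: a TCP connect followed by a RESP `PING`. The Redis address 127.0.0.1:6379 is assumed to be ntopng's default here; the log line about `-r` is the only thing the thread says about it.

```python
"""Triage the ntopng start-up failure: count Redis connection timeouts,
measure the retry window, and probe the Redis socket with a RESP PING."""
import re
import socket
from datetime import datetime

# The log excerpt posted in the thread, copied as the GUI rendered it
# (newest line first, "Date   Process   Line" columns).
NTOPNG_LOG = """\
2021-05-24T14:25:59   root[54924]   /usr/local/etc/rc.d/ntopng: WARNING: failed to start ntopng
2021-05-24T14:25:59   ntopng[92432]   [Redis.cpp:150] ERROR: to specify a redis server other than the default
2021-05-24T14:25:59   ntopng[92432]   [Redis.cpp:149] ERROR: Please start it and try again or use -r
2021-05-24T14:25:59   ntopng[92432]   [Redis.cpp:148] ERROR: ntopng requires redis server to be up and running
2021-05-24T14:25:58   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]
2021-05-24T14:25:55   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]
2021-05-24T14:25:53   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]
2021-05-24T14:25:50   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]
2021-05-24T14:25:48   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]
2021-05-24T14:25:45   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]
2021-05-24T14:25:43   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]
2021-05-24T14:25:40   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]
2021-05-24T14:25:38   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]
2021-05-24T14:25:35   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]
2021-05-24T14:25:32   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]
2021-05-24T14:25:30   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]
2021-05-24T14:25:27   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]
2021-05-24T14:25:25   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]
2021-05-24T14:25:22   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]
2021-05-24T14:25:20   ntopng[92432]   [Redis.cpp:99] ERROR: Connection error [Operation timed out]
"""

# timestamp, process name, pid, message
LINE_RE = re.compile(r"^(\S+)\s+([\w.]+)\[(\d+)\]\s+(.*)$")


def parse_log(text):
    """Yield (timestamp, process, pid, message) for each well-formed line."""
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # header row or blank line
        ts, proc, pid, msg = m.groups()
        yield datetime.fromisoformat(ts), proc, int(pid), msg


def summarize_ntopng_log(text):
    """Reduce the log to: did the start fail, how many Redis timeouts, over how long."""
    timeouts = []
    failed_start = False
    for ts, proc, _pid, msg in parse_log(text):
        if proc == "ntopng" and "Connection error" in msg:
            timeouts.append(ts)
        if proc == "root" and "failed to start ntopng" in msg:
            failed_start = True
    first = min(timeouts) if timeouts else None
    last = max(timeouts) if timeouts else None
    return {
        "failed_start": failed_start,
        "redis_timeouts": len(timeouts),
        "first": first.isoformat() if first else None,
        "last": last.isoformat() if last else None,
        "retry_window_s": int((last - first).total_seconds()) if timeouts else 0,
    }


def redis_status(host="127.0.0.1", port=6379, timeout=2.0):
    """Probe Redis like ntopng does: TCP connect, then PING over RESP.

    Returns "pong" (up and answering), "auth-required" (up, but requirepass
    is set and ntopng must be configured with the password), or
    "unreachable" (connect failure or timeout, the case in the thread).
    host/port default to the assumed ntopng default, not a thread fact.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(b"PING\r\n")
            reply = s.recv(64)
    except OSError:
        return "unreachable"
    if reply.startswith(b"+PONG"):
        return "pong"
    if reply.startswith(b"-NOAUTH"):
        return "auth-required"
    return "unexpected-reply"


if __name__ == "__main__":
    print(summarize_ntopng_log(NTOPNG_LOG))
    print("redis:", redis_status())
```

On the posted log the summary shows 16 timeouts spread over 38 seconds before the rc script gives up, which is why reinstalling ntopng alone changes nothing; the probe distinguishes "Redis is not listening" from "Redis is listening but wants a password", and only the first matches the thread's symptom.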
#4
Here is the sample where OPNsense blocks the VNC service.
I'm trying to connect to 10.128.8.18 from 10.128.2.132, but it can't be connected. I can ping 10.128.8.18 from 10.128.2.132.
#5
Yes, 10.128.8.0/24 is the LAN of the OPNsense.
10.128.8.0/24 and 10.10.2.0/24 are connected by an IEPL line. It works like a VLAN; these two subnets can access each other.
From the OPNsense live log, I can see the LAN rule (default deny rule) sometimes denies traffic from 10.128.8.0/24 to 10.10.2.0/24. Most of this traffic is to port 443.
When a computer uses the OPNsense as its gateway, it can be pinged but can't be connected to by Remote Desktop or VNC anymore; all services (Outlook, VNC, Remote Desktop etc.) become unstable. I used pfSense before, and the situation was the same.
#6
Thanks for all replies.
I am troubleshooting why many IPs are blocked by the default deny rule, so I added some rules to try to isolate the problem, but to no use. I just wonder why the default deny rule blocks so many external IPs on port 443 and some internal IPs.
Attached is a simple diagram of the network for your reference.
#7
One rule is for IN and another is for OUT.
1, 2 are for 10.128.8.18 (computer) in/out testing.
3, 4 are for the whole LAN segment.
6, 7 are for other subnets on the LAN side. Without these 2 rules, these two subnets can't ping any devices in 10.128.8.0/24.
#8
Here is the WAN rules screen capture.
#9
Here are the floating, LAN and WAN rules screen captures. It is using the default rules with just a few rules added for internal traffic.
#10
19.7 Legacy Series / default deny rule block many IPs
January 09, 2020, 09:31:30 AM
In the live view of the firewall tab, I found many IPs have been blocked by the default deny rule. I don't know why the rule blocks IPs that are in another network of my company. I set my IP to be able to access any network, but it still doesn't work.
#11
Chinese - 中文 / Re: default deny rule issue
January 09, 2020, 09:25:03 AM
Here are the additional screenshots.
#12
Chinese - 中文 / default deny rule issue
January 09, 2020, 09:22:22 AM
I'd like to ask: under Firewall, in the live view, I see a lot of messages about packets intercepted by the default deny rule. The intercepted IPs include devices on the same network and IPs on the Internet; the external IPs are basically all connecting to port 443. Network services are intermittent, and accessing the Internet is a bit slow. I have already set a certain IP to be allowed in and out of any network freely. I don't know where the rule problem is.
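Posts #5, #6, #10 and #12 all describe the same symptom: the default deny rule logging blocks for flows the rule set ought to allow, mostly to port 443, between hosts that can still ping each other. On a stateful pf firewall such as OPNsense a packet is matched against the state table first and only falls through to the rule set (and so to the logged default deny) when no state matches it. The TCP flags in each logged block therefore tell two cases apart: a bare SYN is a new connection that no rule allowed, while an ACK, PSH, FIN or SYN-ACK with no state means the firewall never saw the handshake or the state has expired, which is what happens when only one direction of a flow passes through it (a second path between two subnets, hosts with another gateway). The script below is an added example, not code from the thread or from OPNsense, that does that split over filterlog lines. The lines are constructed in the FreeBSD filterlog CSV layout; the field positions and the interface names are this example's assumptions and can differ between OPNsense versions, so check them against one real line from the live view before trusting the output. Whether out-of-state drops are the cause in this thread is something the real log, not this example, decides.

```python
"""Split 'Default deny' blocks from a pf filterlog into genuine policy blocks
(new connections) and out-of-state drops (mid-connection packets with no
matching state), grouped by interface and destination port."""
import csv
from collections import Counter

# Constructed sample lines in the FreeBSD filterlog CSV layout (rule number,
# sub-rule, anchor, tracker id, interface, reason, action, direction, IP
# version, TOS, ECN, TTL, id, offset, IP flags, proto number, proto name,
# length, src, dst, sport, dport, data length, TCP flags, ...). Field
# positions and interface names (igb0 = WAN, igb1 = LAN) are assumptions of
# this example; addresses mix the thread's subnets with documentation ranges.
FILTERLOG = """\
1,,,1000000103,igb1,match,block,in,4,0x0,,64,12345,0,DF,6,tcp,52,10.128.8.18,203.0.113.10,51234,443,0,A,1,1,501,,
1,,,1000000103,igb1,match,block,in,4,0x0,,64,12346,0,DF,6,tcp,52,10.128.8.18,203.0.113.10,51234,443,0,PA,1,1,501,,
1,,,1000000103,igb1,match,block,in,4,0x0,,64,12347,0,DF,6,tcp,60,10.128.8.18,10.10.2.25,51300,443,0,A,1,1,501,,
1,,,1000000103,igb1,match,block,in,4,0x0,,128,12348,0,none,6,tcp,52,10.10.2.25,10.128.8.18,5900,51400,0,FA,1,1,501,,
1,,,1000000103,igb0,match,block,in,4,0x0,,51,12349,0,DF,6,tcp,60,198.51.100.7,203.0.113.2,44444,22,0,S,1,1,501,,
1,,,1000000103,igb0,match,block,in,4,0x0,,51,12350,0,none,17,udp,78,198.51.100.9,203.0.113.2,53000,5060,58
5,,,1000000110,igb1,match,pass,in,4,0x0,,64,12351,0,DF,6,tcp,60,10.128.8.18,203.0.113.10,51235,443,0,S,1,1,501,,
"""


def parse_filterlog(text):
    """Parse IPv4 filterlog rows into dicts with the fields triage needs."""
    recs = []
    for row in csv.reader(text.splitlines()):
        if len(row) < 23 or row[8] != "4":
            continue  # blank line or IPv6 row (not handled in this example)
        proto = row[16]
        recs.append({
            "iface": row[4], "action": row[6], "dir": row[7], "proto": proto,
            "src": row[18], "dst": row[19], "sport": row[20], "dport": row[21],
            # TCP flags follow the data-length field only for TCP rows
            "tcpflags": row[23] if proto == "tcp" and len(row) > 23 else "",
        })
    return recs


def classify(rec):
    """Say why the default deny fired for one packet, from its TCP flags."""
    if rec["proto"] != "tcp":
        return "non-tcp"
    flags = rec["tcpflags"]
    if "S" in flags and "A" not in flags:
        # Bare SYN: a new connection that no rule allowed. Real policy block.
        return "new-connection"
    if flags:
        # ACK/PSH/FIN or SYN-ACK with no state: pf never saw the handshake
        # (asymmetric path, a different gateway) or the state expired.
        return "out-of-state"
    return "unknown"


def triage(text):
    """Count blocked packets per class and per (class, dir, iface, dport)."""
    recs = [r for r in parse_filterlog(text) if r["action"] == "block"]
    by_class = Counter(classify(r) for r in recs)
    by_flow = Counter((classify(r), r["dir"], r["iface"], r["dport"]) for r in recs)
    return {"blocked": len(recs), "by_class": by_class, "by_flow": by_flow}


if __name__ == "__main__":
    result = triage(FILTERLOG)
    print(f"{result['blocked']} blocked packets: {dict(result['by_class'])}")
    for (cls, direction, iface, dport), n in result["by_flow"].most_common():
        print(f"  {n:3d}  {cls:<15} {direction} on {iface} to port {dport}")
```

On the constructed sample, four of the six blocks are out-of-state (the 443 flows from the LAN and the VNC reply from 10.10.2.25), one is a genuine new-connection block on the WAN and one is UDP, where flags say nothing. If a real live view shows the same shape, the thing to look at is the path the return traffic takes, not the rule that logged the drop.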