1
Virtual private networks / Re: TLS issues when trying to connect to openVPN remote-access
« on: September 24, 2022, 01:01:14 am »
error=self signed certificate
Import your CA on your device?
Import your CA on your device?
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
2
22.7 Legacy Series / Re: Unable to add FreeRADIUS users
« on: August 05, 2022, 11:01:21 pm »
I ran "configctl template cleanup OPNsense/Freeradius" followed by "configctl template reload OPNsense/Freeradius" and things seem to be working now. :shrug:
3
22.7 Legacy Series / Unable to add FreeRADIUS users [solved]
« on: August 05, 2022, 10:36:19 pm »
This isn't new with 22.7. I had the same issue on 22.1 as well. If I add a FreeRADIUS user via the WebUI and click apply the user never appears in "/usr/local/etc/raddb/users" (restarting the service doesn't help any either).
If I run "configctl template reload OPNsense/Freeradius" the user gets added.
Any ideas where to look to see why the apply button isn't adding users to FreeRADIUS?
When I hit apply, I can see that reconfigure is being called and returning {"status": "ok"}.
If I run "configctl template reload OPNsense/Freeradius" the user gets added.
Any ideas where to look to see why the apply button isn't adding users to FreeRADIUS?
When I hit apply, I can see that reconfigure is being called and returning {"status": "ok"}.
4
Development and Code Review / Re: UDP Broadcast Relay beta package
« on: December 06, 2020, 06:38:33 pm »
Do I need to add firewall rules to make this work? I added the SSDP and mDNS to UDP Broadcast Relay and I can see my three Roku devices for casting and can select them in the Roku app after about a 7 second delay.
I cannot see any of my chromecast devices.
All of my IOT devices are on the 40_IOT net and my phone is on the 10_Trusted net.
UDP Broadcast Relay setup:
my firewall rules are pretty non-existant and the same on both interfaces:
mDNS Repeater is currently disabled. I tried adding an allow in rule on the 10_Trusted net for all traffic whose source is 40_IOT and that didn't work either.
I can see all the chromecasts, google devices and speaker groups in wireshark from 10_Trusted:
11 11.823222 192.168.10.1 224.0.0.251 MDNS 419 Standard query response 0x0000 PTR Google-Home-Mini-6b0461727bacfded14f5c854c4d4437f._googlecast._tcp.local TXT, cache flush SRV, cache flush 0 0 8009 6b046172-7bac-fded-14f5-c854c4d4437f.local A, cache flush 192.168.40.27
Any ideas?
I cannot see any of my chromecast devices.
All of my IOT devices are on the 40_IOT net and my phone is on the 10_Trusted net.
UDP Broadcast Relay setup:
my firewall rules are pretty non-existant and the same on both interfaces:
mDNS Repeater is currently disabled. I tried adding an allow in rule on the 10_Trusted net for all traffic whose source is 40_IOT and that didn't work either.
I can see all the chromecasts, google devices and speaker groups in wireshark from 10_Trusted:
11 11.823222 192.168.10.1 224.0.0.251 MDNS 419 Standard query response 0x0000 PTR Google-Home-Mini-6b0461727bacfded14f5c854c4d4437f._googlecast._tcp.local TXT, cache flush SRV, cache flush 0 0 8009 6b046172-7bac-fded-14f5-c854c4d4437f.local A, cache flush 192.168.40.27
Any ideas?
5
20.1 Legacy Series / Multiple DHCPv6 PD requests
« on: March 22, 2020, 08:51:18 pm »
OPNsense 20.1.3-amd64
FreeBSD 11.2-RELEASE-p17-HBSD
OpenSSL 1.1.1d 10 Sep 2019
I'm moving from Ubiquiti to OpnSense and have an ISP that only gives me a /64. My workaround in Ubiquiti-land was to do a separate prefix request for each VLAN.
Is there a way to do this in OpnSense? I've tried setting my interfaces to DHCPv6 but it appears that they're trying to DHCPv6 off my WAN interface instead of from my ISP.
In UBNT-land I did it with the following json:
FreeBSD 11.2-RELEASE-p17-HBSD
OpenSSL 1.1.1d 10 Sep 2019
I'm moving from Ubiquiti to OpnSense and have an ISP that only gives me a /64. My workaround in Ubiquiti-land was to do a separate prefix request for each VLAN.
Is there a way to do this in OpnSense? I've tried setting my interfaces to DHCPv6 but it appears that they're trying to DHCPv6 off my WAN interface instead of from my ISP.
In UBNT-land I did it with the following json:
Code: [Select]
"interfaces": {
"ethernet": {
"eth0": {
"dhcpv6-pd": {
"pd": {
"0": {
"interface": {
"eth1": {
"prefix-id": "0"
}
},
"prefix-length": "64"
},
"10": {
"interface": {
"eth1.10": {
"prefix-id": "0"
}
},
"prefix-length": "64"
},
"20": {
"interface": {
"eth1.20": {
"prefix-id": "0"
}
},
"prefix-length": "64"
},
etc., etc.,
Pages: [1]