Messages

1

Tutorials and FAQs / Re: diabled IDS alert still alerting

« on: April 08, 2020, 03:33:05 am »

I will add a little more detail to this problem.

For example, one of the Alert I just got again is "ET INFO WinHttp AutoProxy Request wpad.dat Possible BadTunnel". If I click the Info icon to the right of the alert instance, the Alert info window pops up. At the bottom of the window, Configured Action: Alert is selected, but Enabled is unchecked.

If I go to Rules, and find this rule 2022913, the Enabled check box to the right of this rule is also unchecked.

So you see, this rule is disabled, but the alerts are still coming for this rule.

Any one can help?

2

Tutorials and FAQs / diabled IDS alert still alerting

« on: April 05, 2020, 08:26:46 pm »

Hi, forgive me for another newbee question.

I downloaded and enabled all the rulesets in the IDS with alert only, and am getting lots of alerts, but only from a few rules. So on the Alerts tab, I clicked on the Info icon on an alert, and unchecked the "Enabled" box in the pop-up Alert Info window. So this Alert should be disabled now. I reclicked the "info" icon and reopened the Info window to confirm.

But even after I restarted the service, or restarted the opnsense box, the same alert is still coming.

What did I miss? How to really disable this alert or rule?

Thanks in advance for your help.

3

Tutorials and FAQs / Re: need help - lost config after restore backup

« on: April 02, 2020, 03:52:34 am »

Thanks. It works now after I selected the "prevent removal" option.

4

Tutorials and FAQs / Re: need help - lost config after restore backup

« on: March 31, 2020, 03:58:46 am »

I tried a couple more times. I am only doing even simpler changes from the default. I am keeping the em0 as LAN and em1 as WAN, same as default. I only changed the LAN ip to 192.168.5.1 as well as dhcp pool range. Now I make a backup, and restore the backup. Again, the config was lost and opnsense went back to the factory default. What is going on?

I wonder if anyone here had ever used the configuration backup and restore feature in release 20.1. If yes and many, then I must have done something wrong. Please let me know.

I checked the configuration history, and it seems it has been wiped clean after the restore, starting from factory default. Nothing before the restore is kept. The very first entry is "(root) Factory Configuration". It seems the restoring (saved backup) actually did restoring to factory default instead.

5

Tutorials and FAQs / need help - lost config after restore backup

« on: March 29, 2020, 05:34:07 am »

Hi, I am just starting to learn opnsense, this is my first try.

So I set up a opnsense vm on ESXi, with two interfaces. I made em0 the WAN link, and em1 as LAN link. This is different from the factory default. Anyways, I was able to get a WAN ip from uplink dhcp server, and also I can access the web gui from a windows vm connected to the LAN.

Then I save the configuration to a file, then restored it right away. Selected "all". After opnsense restarted, it lost its configuration, and shows em0 as LAN, and em1 as WAN.

This is such a simple case, I really did not have any other config changes, except the two interfaces. However, opnsense failed to restore such a simple config back up. I also tried this on a laptop install, same thing also happened, lost access after the restart.

Any help will be appreciated. I am really a newbie, and don't know where to start to troubleshoot.