Messages

1

General Discussion / Re: NAC on opnsense.

« on: April 03, 2020, 06:18:08 am »

Thanks @mimugmail!

2

General Discussion / Re: dual boot

« on: April 02, 2020, 04:34:20 pm »

Got it. Thanks @Franco!

3

General Discussion / Re: dual boot

« on: April 02, 2020, 04:17:00 pm »

Thanks @Franco. A newbie question, how do I invoke custom installer?

4

General Discussion / Re: NAC on opnsense.

« on: April 02, 2020, 04:15:42 pm »

@mimugmail. Thanks for the suggestion. I looked at settings in freeradius, but couldn't find place to input MAC address of devices. Did I miss anything?

5

General Discussion / NAC on opnsense.

« on: April 02, 2020, 04:02:50 am »

Is there any lightweight NAC (network access control, e.g. PacketFence ) available on opnsense? I tried to put a couple of L2 smart switches behind opnsense box, and use a NAC to assign proper VLAN to devices via 803.1x.

Thanks!

6

General Discussion / dual boot

« on: April 02, 2020, 03:56:18 am »

The disk footprint of opnsense seems to be very small, which is great. I hope I could dual boot opnsense with my linux box. However, opnsense installer wants to take over whole disk. Is there any way to install opnsense to a partition?

Thanks

7

20.1 Legacy Series / Re: please help on wireguard

« on: April 02, 2020, 03:23:04 am »

@Vlijm,

Thanks for sharing your setup. I got it working too by starting from scratch and following https://homenetworkguy.com/how-to/configure-wireguard-opnsense/ step by step instead of the original instruction I posted.

8

20.1 Legacy Series / Re: please help on wireguard

« on: March 29, 2020, 10:13:44 pm »

The outbound NAT rule matches guideline.

Firewall rule on Wireguard interface is passing all traffic.

Firewall log didn't show traffic on wireguard interface. The only one related to wireguard is an incoming UDP packet on WAN when the client initiated the connection. peer interface under List Configuration of VPN:WireGuard did show increased transfer and received bytes

Thanks!

9

20.1 Legacy Series / Re: please help on wireguard

« on: March 29, 2020, 09:45:00 pm »

Thanks @Mks. I followed the guideline you provided. I still saw the same problem. Client didn't see return packet

10

20.1 Legacy Series / please help on wireguard

« on: March 29, 2020, 06:20:50 pm »

Hi,

New to opnsense firewall. I followed the instruction below to install WireGuard.
https://www.thomas-krenn.com/en/wiki/OPNsense_WireGuard_VPN_for_Road_Warrior_configuration#Prepare_OPNsense_for_Wireguard_VPN

The link seems to be established, but client could not access any host at server side.

• under VPN/Wireguard/List configuration/peer, both the transfer and received bytes keep increasing while ping was send from client to VPN. It seems wireguard interface itself works as expected
  
• Wireshark (on client side) shows UDP packet was sent to opnsense, but opnsense didn't return any packet. (client saw 100% packet loss)

It seems that opnsense blocked wireguard return packets. How to debug this issue (new to freebsd, have iptables experience from linux)?

Thanks a lot!