Messages

1

General Discussion / Re: System: Diagnostics: Activity checkbox use?

« on: July 22, 2022, 01:07:33 am »

Also found the same issue in Services: DNSCrypt-Proxy: Configuration.

Anyone have information on this?

2

General Discussion / Re: Micro Cuts, High Latenci... (For moments)

« on: September 02, 2021, 01:19:45 am »

Capture the packets on the firewall and you'll be able to see what is exactly is happening and when. 

3

21.7 Legacy Series / Re: adguard home lookups through WG tunnel?

« on: September 01, 2021, 01:53:59 am »

I used a load balancing configuration before.  The policy based routing will dictate which traffic goes through which interface ( out to the net). 

With respects to gateway grouping.  You select all the gateways you want to use in the group.  Let's say you are using a VPN to transmit traffic accessing the Internet (aside from WAN0).  VPN0, VPN1, VPN2.  VPN0 and 1 connect to texas.  VPN2 connects to florida.  Where you live, Texas connects much faster. 

I would group all 3 VPN into a single group.  List VPN0 and 1 as a higher priority so they are equal, and set VPN2 as a lower weight.  Traffic will flow between either VPN0 or 1, and bounce between the 2 depending on your setup.  When the connectivity means any threshold you configured to "switch" connectivity, the traffic will route through VPN2.  When the configured threshold is no longer met (connectivity for VPN0/1 has subsided) traffic will automatically resume to be sent through VPN 0/1.

4

General Discussion / Re: Replace Web Gui SSL Cert with Self Signed CA

« on: September 01, 2021, 01:25:52 am »

It can work with both.  You need to enter the correct SAN information when creating the certificate. I.E. in the drop down menu.

5

21.7 Legacy Series / Re: WAN Latency causing connection loss

« on: September 01, 2021, 01:23:02 am »

Since some time has passed, has the situation improved?  If fix, can you change the subject to resolved?

6

General Discussion / Re: VPN and Portforward problem

« on: August 15, 2021, 10:47:23 pm »

Contact your VPN provider / documentation.  It's possible they are blocking all inbound connectivity. I have seen VPN providers do this and required a specific configuration for you to use in order to allow inbound.

7

General Discussion / Re: Routing specific networks over multiple independent VPNs

« on: August 15, 2021, 10:44:06 pm »

Freebsd does not use multiple routing tables as with linux.  I have heard (although not see proof) it is possible to have freebsd with multiple routing tables.  But either way, it would not be supported. 

What your looking for is called policy based routing.  You would use that term or pbr when searching the documentation / forum.  There is quite a bit of information on the topic and can become complex very fast.

8

21.1 Legacy Series / Re: Cannot enable jumbo frames on vlan interfaces.

« on: August 15, 2021, 10:34:21 pm »

Both of you may want to post to the github ticket as opnsense currently thinks this is an issue without that much impact.  The more people reporting on this issue, the more they will see a larger impact and be inclined to work on it.

9

21.1 Legacy Series / Re: Weird Issues Updating Firmware & Firewall Logs Not Updating

« on: August 15, 2021, 10:29:00 pm »

Have you tried re-installing your system when running, not reinstalling from an ISO?

https://docs.opnsense.org/manual/virtuals.html?highlight=opnsense%20bootstrap

look at opnsense-bootstrap.  A word of caution, it is not recommended to do this unless otherwise told to do so, (by opnsense). 

I have done this several times to my system, and have not had unresolvable issues. The only thing I would warn is saving a backup and then after the system reboots,  install the plug-ins (will be missing).

10

21.7 Legacy Series / Re: adguard home lookups through WG tunnel?

« on: August 15, 2021, 09:48:57 pm »

With opnsense, Anything marked with upstream will allow traffic through it.  The high the priority dictates which interfaces to use.  (logical)

However, when GW are not marked as upstream, they STILL can be used for send / receiving traffic.  (Found out the hard way). 

What you are trying to accomplish is listed in the docs.  Although you are not trying to send lan traffic from multiple interfaces, the FW itself would use this.

https://docs.opnsense.org/manual/how-tos/multiwan.html?highlight=multi%20wan

https://docs.opnsense.org/manual/multiwan.html?highlight=multi%20wan

11

21.7 Legacy Series / Re: WAN Latency causing connection loss

« on: August 15, 2021, 09:41:48 pm »

It is possible you received a replacement modem which is bad.  Highly unlikely, although not unheard of.

Something could be radiating causing interference against the cable, or it could be the cable itself.    I'm still thinking its the coaxial cable.  You can ask Spectrum to go out and conduct a line test.  If the cables were not properly terminated, that would cause this issue.  They shouldn't charge for the tech to go out and check. 

Have you tried replacing the Ethernet cable?  Unlikely, but it could be the cable itself.   Perhaps some interference if it's not shielded?

12

21.7 Legacy Series / Re: WAN Latency causing connection loss

« on: August 14, 2021, 04:21:30 am »

You can ask your ISP to test your connection. It's a simple test to check out the quality of your connection.  Also ask them what the results are such as attenuation, and signal to noise ratio.    It's possible something on your line is cause this issue especially since you are sharing it with your neighbors. 

Also, you stated you replaced the hardware.  Which exactly, the computer running your FW; could be your modem has failed / not operating correctly.

13

General Discussion / Re: Understanding DNS and Unbound - Setup Help?

« on: August 14, 2021, 03:25:30 am »

I'm not quite sure what the issue is exactly as I don't use unbound.  But considering you speaking of dnssec, why not use dns-crypt?  It has dnssec by default (exactly why it was written for), you have whitelisting, configure individual listening ports for each vlan (if needed).  Also has overrides, and simple to configure which servers you want to point to.

Not to mention, if you want to query servers that honor tracking, filtering, if you don't need a server to require dnssec, etc.

14

General Discussion / Re: LAN bridge vs. NFS

« on: August 14, 2021, 03:17:39 am »

Can you change the subject to solved?

15

21.7 Legacy Series / Re: adguard home lookups through WG tunnel?

« on: August 14, 2021, 03:14:54 am »

What do you have setup as your default connection when looking at  your GW (single) priorities?  That will be the interface all the traffic defaults (I believe) including traffic originating from the FW itself.