Messages

1

20.7 Legacy Series / Re: unstable on proxmox ?

« on: December 10, 2020, 11:36:19 am »

yeah, unfortunatly we are unable to help

in my case, i now switched to a hardware appliance, that solved everything. so maybe somehow proxmox doesnt like it.

2

Virtual private networks / Re: Windows 10: VPN works, DNS does not.

« on: December 10, 2020, 09:13:10 am »

okay so.. after an update the "after" modifications i made are gone!

Its now completely default. AND.. i get DNS :|

Someone please just shoot me through the head..

3

Virtual private networks / Re: Windows 10: VPN works, DNS does not.

« on: December 08, 2020, 05:33:39 pm »

Yeah well.. i somehow need to make it “stick” as i am afraid it wont work when the config files are overwritten

4

Virtual private networks / Re: Windows 10: VPN works, DNS does not.

« on: December 03, 2020, 10:34:23 am »

networkmap: <INTERNET>===<dmz/opnsense>===</vpn/opnsense>===<internal network>
Quite simple

We use Windows 10 20H2, not sure if that changes anything, but heh!

i got this working with support from Deciso, the company behind OPNSense ;-)
Included are, what i believe, the relvant parts of the config, please feel free to tell if you miss anything!

And thank you for helping greatly apreciated!

5

Hardware and Performance / OPNSense & Intel AES-NI J3160 Yanling NUC

« on: December 02, 2020, 10:26:26 pm »

so, i got me one of those to try, but it ends up with a kernel panic

Anyone any experience with one of those?
https://dutch.alibaba.com/product-detail/intel-celeron-j3160-quad-core-nuc-mini-pc-with-4-intel-gbe-lan-for-pfsense-firewall-and-network-server-60778936461.html?spm=a2700.md_nl_NL.deiletai6.1.595418c8dOmxan

Its supposed to work with pfsense, so i thought OPNSense shouldnt be a problem either, maybe my usb disk is broken.. or so i hope ;-)

6

Virtual private networks / Re: Windows 10: VPN works, DNS does not.

« on: December 02, 2020, 12:57:11 pm »

also:
https://www.cl.cam.ac.uk/~mas90/resources/strongswan/
https://www.digitalocean.com/community/tutorials/how-to-set-up-an-ikev2-vpn-server-with-strongswan-on-ubuntu-18-04-2

Speak about a "rightdns" entry in the conn esttings, which i dont see in my /usr/local/etc/ipsec.conf

7

Virtual private networks / Re: Windows 10: VPN works, DNS does not.

« on: December 02, 2020, 12:27:52 pm »

see the "before" and "after" image

8

Virtual private networks / Re: L2TP Plugin

« on: December 02, 2020, 12:20:02 pm »

i managed to get it working with help from deciso support, i believe there are some steps missing in the manual.. but ofcourse i cant remember what they did.. let me get back to you later on!

One thing had to do with the NAT settings, i remember that clearly

9

20.7 Legacy Series / Re: unstable on proxmox ?

« on: December 02, 2020, 12:08:32 pm »

But that shouldnt drop the whole internet connection, right?

10

Virtual private networks / Re: Windows 10: VPN works, DNS does not.

« on: December 02, 2020, 12:07:45 pm »

hello pcambell,

Yes, we are suplying the dns servers in the config.
When i open /usr/local/etc/strongswan.conf there a section called plugins:

plugins {
        attr {
                dns = 10.0.0.32, 10.0.0.34
                }
          .....
            }

These are the same adresses i have set in the web config. This does not work however.
When i manually add the same adresses to the charon { } part (as per: https://wiki.strongswan.org/projects/strongswan/wiki/Win7UserMultipleConfig subheading "ASSIGNMENT OF INTERNAL DNS AND WINS SERVERS") then it works..

So, what goes wrong where?

11

Virtual private networks / Re: L2TP Plugin

« on: November 23, 2020, 08:55:54 am »

never mind, wrong post here!

12

General Discussion / Re: What Are You Using as a Network Monitoring Solution

« on: November 23, 2020, 08:51:57 am »

To be honest, most our "escalation notifications" are non-existant.. But i believe Grafana/Prometheus do alerting, its still something im looking into

13

Virtual private networks / Windows 10: VPN works, DNS does not. (solved)

« on: November 18, 2020, 03:16:04 pm »

I have successfully added IKEv2 VPN (https://docs.opnsense.org/manual/how-tos/ipsec-rw-srv-mschapv2.html).

I can also connect to the company network. I can access the internet, and i can access any internal service by IP. However, the only way to get DNS working is by manually setting it on the interface through the control panel.

I have added our company's DNS settings in the VPN options of OPNSense, but to no avail

Is anyone else having this issue? We are working with Windows 10, 2004 and 20H2

14

General Discussion / Re: What Are You Using as a Network Monitoring Solution

« on: November 05, 2020, 11:53:10 am »

at work we use Zabbix, but i am switching away to Prometheus/Grafana.
OPNSense comes with node_exporter, so that shouldnt be too much of an issue

15

20.7 Legacy Series / importing AD users cuts off the username

« on: October 12, 2020, 11:03:46 am »

So, i have setup OPNSense to authenticate our IT staff against Active Directory. It works in so far that it does import the correct users. i set the "User naming attribute" to email, but when i log in it doesnt work.

When i use the tester and i input jhjacobs81@emailadress.com it validates.
When i login to the administration website it does not. i have to input jhjacobs81

i would want everyone to use their full emailadres, because we use that everywhere when we use SSO ;-) does anyone know how to fix this?