Messages - raneyda

#1
General Discussion / DHCPv6 - DNS server alias
April 27, 2023, 03:54:08 PM
I am trying to make a bulletproof IPv6 config. By bulletproof I mean when I lose power for an extended period of time I will receive a new v6 prefix delegation.

In the past I haven't used the alias with ::<v6 address> but now that I use that I can reliably automatically re-address the network including the v6 address range and the static hosts.  I have standalone pi-holes for DNS.  Those are my static v6 addresses.  What I haven't been able to do is use an alias for the prefix delegation and combine it with the static addresses in the DHCPv6 config.

If I could do that then v6 would appear as stable as v4 after an extended power outage.

Am I missing something that would allow me to do that?
#2
I reset the Insight and netflow in the last week because there wasn't any data showing.  It started showing up after that but has again stopped.  I noticed that the /var/log/flowd.log is showing 222M even though it was rotating correctly yesterday but hasn't yet today.

Did the flowd log rotation break?  What is causing this unpredictable Insight behavior?
#3
20.1 Legacy Series / Outbound VPN fails
May 29, 2020, 08:08:26 PM
UPDATE: My problem was self-induced by UPnP rules related to an Xbox. I had set up a UPnP entry to deny port 80. That somehow kicks my Xbox into an Open NAT scenario. However, I had it set up for my entire /24 network. Changing that to just the Xbox IP addresses and SSL VPN works as expected.


ORIGINAL:
I have a new install of OPNsense and I can't seem to get my corporate VPN to connect.

I believe it is an SSLVPN but after ~40 seconds it changes from connected to reconnecting.  It only receives 7 packets (every time) and sends 55 before the reconnecting.  My previous firewall required zero config and worked flawlessly. 

Attached are the Outbound NAT rules and logs showing that the traffic is passing.