Messages

It is annoying enough that it's the first option... let alone on we'd like to get rid of .... No reply?

Same or similar problem:
Segmentation fault
Performing sanity check on squid configuration.
2024/11/09 07:05:36| Processing Configuration File: /usr/local/etc/squid/squid.conf (depth 0)
2024/11/09 07:05:36| Starting Authentication on port 127.0.0.1:3128
2024/11/09 07:05:36| Disabling Authentication on port 127.0.0.1:3128 (interception enabled)
2024/11/09 07:05:36| Starting Authentication on port [::1]:3128
2024/11/09 07:05:36| Disabling Authentication on port [::1]:3128 (interception enabled)
2024/11/09 07:05:36| Processing Configuration File: /usr/local/etc/squid/pre-auth/40-snmp.conf (depth 1)
2024/11/09 07:05:36| Processing Configuration File: /usr/local/etc/squid/pre-auth/dummy.conf (depth 1)
2024/11/09 07:05:36| Processing Configuration File: /usr/local/etc/squid/pre-auth/parentproxy.conf (depth 1)
2024/11/09 07:05:36| Processing Configuration File: /usr/local/etc/squid/auth/dummy.conf (depth 1)
2024/11/09 07:05:36| Processing Configuration File: /usr/local/etc/squid/post-auth/dummy.conf (depth 1)
2024/11/09 07:05:36| WARNING: use of 'reload-into-ims' in 'refresh_pattern' violates HTTP
2024/11/09 07:05:36| Set Current Directory to /var/squid/cache
Segmentation fault

Did you figure this out? Because I've been having the same issue with the latest release. Mostly https web sites, but an unusual set of web sites.
I'm wondering what you did to solve it.

Bump

If you're referring to this one, then yes, those steps were done in the follow on one about setting up a wireguard client, unless you know something I didn't see there:
https://docs.opnsense.org/manual/how-tos/wireguard-s2s.html

I will check the firewall log as Bart, the other  person, suggested, on both links.
I found this one which might get me there. I'm going to try it.
https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html

OK, I tried doing that link, but it is hard to follow with no specific example. Here's my network layout if someone could lend a hand that  would be great.
https://imgur.com/YDQNGUg
K

Did you allow access to your DNS through for the IP address range?

I have wireguard working from Europe to the US using a GliNet Slate (Slate AX (GL-AXT1800) https://www.gl-inet.com/products/gl-axt1800/).  The IP CIDR address on that side is 192.168.8.0/23. And my Roku on that side (connected through WIFI) properly  streams stuff as if it's in the US.

For Wireguard that device is 172.16.16.4/32, where I have an interface named HomeWireGuard set up under OPNsense.  The wireguard server is in the US and is 172.16.16.1/23 with the .4/32 as a peer. The "tunnel address" is 172.16.16.1/23.

I have the client allowing all IPs  0.0.0.0 from Europe to the US and everything is working perfectly or at least, as expected.

What I want now is to allow a device on the US side to connect to the WAN on the European side.  What I was thinking is setting up a Roku device on the US side and being able to stream as if I were in the European region. The VPN tunnel should be two-way, right?

I'm thinking I'd have to have the device on the US side have an IP address like 172.16.16.6, but what else do I need to set up in terms of routes, etc.?  I looked at trying to go to System: Routes: Configuration, but I don't even see the HomeWireGuard interface there nor wg1.  It only has these options on the pull down: Null4 - 127..., Null6 - 127..., and WAN_DHCP- IP.

Any  thoughts on how I'd do this?  Do I need a new route on the GLiNET side too?

That worked.  I missed that option and didn't know what it did.
Thanks a bunch.
Kurt

Is there a "more" clear set of installation instructions to getting either IPSec or OpenVPN working with an Iphone? I've tried both and can't get either working.  My main problem with OpenVPN is key installation/delivery (both the CA and ssl key) to the iphone; which the road warrior doesn't cover well.  ANY help or clarifications to the published instructions would be greatly appreciated.
Regards,
Kurt

    OPNsense 20.1.8_1-amd64: The IDS tab brings up an immediate window to set up a cron job, when exiting it, it goes to the alert tab.  I cannot actually stay on the schedule tab to view what's scheduled or make changes.  What am I doing wrong or is this a bug?
Kurt

What's the best way to review how successful the caching proxy server's cache is working?  For instance by looking at cache hits?
Kurt

You need to  use the user "installer," not "root."

I installed 20.1 of OPNSense on a Xeon 4 core with Two NICs (HP ML110). Everything seemed to be working right, but when I try to stream netflix or amazon prime, it will not stream.  It's really slow loading an Netflix goes to about 24% buffering and then errors out. Any thoughts on tuning to get better performance, or skipping the firewall entirely for those sites. Set up is as you can imagine:
  _____________
  | Cable modem|
  ------------------
           |
   _____|______
   | WAN NIC     |
   |  opnsense    |
   | LAN NIC       |
   |___________|
            |    NAT to my network


Any help would be wonderful... I'm back to using my Netgear router because we cannot stream.

Kurt