1
24.7 Production Series / Re: IPS mode in Suricata causes kernel panic
« on: August 04, 2024, 09:46:31 am »
Will try later today
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1] 2
2
High availability / Re: IPSec legacy Not syncing to other nodes
« on: February 27, 2024, 06:47:54 pm »
syslog:
daemon 63386 - [meta sequenceId="41"] 00[LIB] no files found matching '/usr/local/etc/strongswan.opnsense.d/*.conf'
daemon 63386 - [meta sequenceId="41"] 00[LIB] no files found matching '/usr/local/etc/strongswan.opnsense.d/*.conf'
3
High availability / IPSec legacy Not syncing to other nodes
« on: February 27, 2024, 06:40:19 pm »
Hello,
IPSec legacy not syncing anymore?! (OPNSense 23.7.12_5)
IPSec legacy not syncing anymore?! (OPNSense 23.7.12_5)
4
23.7 Legacy Series / Re: OPNSense becomes unresponsive after changing IPSec Tunnel Settings
« on: December 04, 2023, 10:43:57 am »
@Franco
Do you know the problem with ipsec? We are talking about 30 ipsec tunnels on the machine.
Do you know the problem with ipsec? We are talking about 30 ipsec tunnels on the machine.
6
23.1 Legacy Series / Gui showing Site2Site OpenVPN is not online
« on: March 28, 2023, 10:29:53 am »
Hi,
since Update 23.1.4_1 the gui shows that OpenVPN S2S Tunnel are not online(green). But they are online in the menu VPN: OpenVPN: Connection Status.
since Update 23.1.4_1 the gui shows that OpenVPN S2S Tunnel are not online(green). But they are online in the menu VPN: OpenVPN: Connection Status.
7
High availability / HA Sync overwrites advbase?
« on: March 08, 2023, 06:14:04 pm »
Hello,
why does the HA Sync overwrites the advbase on slave? Is there a way to keep the setting?
Thanks for help!
Regards,
AMW
why does the HA Sync overwrites the advbase on slave? Is there a way to keep the setting?
Thanks for help!
Regards,
AMW
8
23.1 Legacy Series / Re: Problems with CARP - bug?
« on: February 13, 2023, 09:11:46 pm »
There might be a problem....
Same as me. Running a 4 node cluster. After Upgrade from 22.7 only 2 of 25 VLAN's have problems. Changed the VHID and then it works... Change back - same again.
Same as me. Running a 4 node cluster. After Upgrade from 22.7 only 2 of 25 VLAN's have problems. Changed the VHID and then it works... Change back - same again.
9
22.1 Legacy Series / Re: OPNsense as VM in Xen: Network interfaces down after Debian dom0 updates
« on: November 03, 2022, 05:11:08 pm »
I can also try and test it if you want.
10
22.1 Legacy Series / Re: OPNsense as VM in Xen: Network interfaces down after Debian dom0 updates
« on: August 01, 2022, 11:47:49 am »
anyone tried 22.7?
11
22.1 Legacy Series / Re: OPNsense as VM in Xen: Network interfaces down after Debian dom0 updates
« on: June 24, 2022, 11:19:08 am »
Debian is only working with kernel 5.10.0-10-amd64. It may work with OPNsense 22.7 (Freebsd 13.1).
Is there someone who can test this?
Is there someone who can test this?
12
22.1 Legacy Series / Advskew 254 causes problems
« on: June 21, 2022, 11:31:22 am »
Hello,
regarding to https://forum.opnsense.org/index.php?topic=13987.0
Problem is that after a reboot the fourth node is going into skew 254. Result = no failover possible (Skew 240)
First node 0, second 1, third 2....
If you set the fourth to 3 manually everything works fine - except you reboot, or syncronise the nodes.
regarding to https://forum.opnsense.org/index.php?topic=13987.0
Problem is that after a reboot the fourth node is going into skew 254. Result = no failover possible (Skew 240)
First node 0, second 1, third 2....
If you set the fourth to 3 manually everything works fine - except you reboot, or syncronise the nodes.
13
22.1 Legacy Series / Re: DHCP Relay doesn't work properly since Update to 22.1.8
« on: June 11, 2022, 06:43:39 am »
Thank you!
14
22.1 Legacy Series / Re: DHCP Relay doesn't work properly since Update to 22.1.8
« on: June 09, 2022, 06:20:51 am »
For example we have the same configuration as in vlan512... So all interfaces have an IP. Why is it not a case? It worked before and now not. Is there a way to debug this? Or open a case at the development?
15
22.1 Legacy Series / Re: DHCP Relay doesn't work properly since Update to 22.1.8
« on: June 08, 2022, 05:01:28 pm »
Reload or Reboot doesn't help:
@franco: Here is the output to get it running again...
after reboot or reload:
root@XXX:~ # ps aux|grep dhc
root 11019 0.0 0.0 15460 4040 - Ss 17:04 0:00.01 /usr/local/sbin/dhcrelay -i vlan01 -i lagg1_vlan511 -i lagg1_vlan501 -i lagg1_vlan512 -i lagg0_vlan516 192.168.X.X 192.168.X.X
root 16395 0.0 0.0 12740 2204 1 S+ 17:04 0:00.00 grep dhc
To get it working again:
root@XXX:~ # kill -9 11019
root@XXX:~ # /usr/local/sbin/dhcrelay -i vlan01 -i lagg1_vlan511 -i lagg1_vlan501 -i lagg1_vlan512 -i lagg1_vlan513 -i lagg1_vlan514 -i lagg0_vlan516 192.168.X.X 192.168.X.X
Requesting: vlan01 as upstream: Y downstream: Y
Requesting: lagg1_vlan511 as upstream: Y downstream: Y
Requesting: lagg1_vlan501 as upstream: Y downstream: Y
Requesting: lagg1_vlan512 as upstream: Y downstream: Y
Requesting: lagg1_vlan513 as upstream: Y downstream: Y
Requesting: lagg1_vlan514 as upstream: Y downstream: Y
Requesting: lagg0_vlan516 as upstream: Y downstream: Y
Internet Systems Consortium DHCP Relay Agent 4.4.2-P1
Copyright 2004-2021 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Listening on BPF/lagg0_vlan516/d4:f5:ef:37:29:60
Sending on BPF/lagg0_vlan516/d4:f5:ef:37:29:60
Listening on BPF/lagg1_vlan514/d4:f5:ef:37:29:68
Sending on BPF/lagg1_vlan514/d4:f5:ef:37:29:68
Listening on BPF/lagg1_vlan513/d4:f5:ef:37:29:68
Sending on BPF/lagg1_vlan513/d4:f5:ef:37:29:68
Listening on BPF/lagg1_vlan512/d4:f5:ef:37:29:68
Sending on BPF/lagg1_vlan512/d4:f5:ef:37:29:68
Listening on BPF/lagg1_vlan501/d4:f5:ef:37:29:68
Sending on BPF/lagg1_vlan501/d4:f5:ef:37:29:68
Listening on BPF/lagg1_vlan511/d4:f5:ef:37:29:68
Sending on BPF/lagg1_vlan511/d4:f5:ef:37:29:68
Listening on BPF/vlan01/d4:f5:ef:37:29:60
Sending on BPF/vlan01/d4:f5:ef:37:29:60
Sending on Socket/fallback
root@XXX:~ #
You see that two networks are missing, but they are enabled in the webgui.
@franco: Here is the output to get it running again...
after reboot or reload:
root@XXX:~ # ps aux|grep dhc
root 11019 0.0 0.0 15460 4040 - Ss 17:04 0:00.01 /usr/local/sbin/dhcrelay -i vlan01 -i lagg1_vlan511 -i lagg1_vlan501 -i lagg1_vlan512 -i lagg0_vlan516 192.168.X.X 192.168.X.X
root 16395 0.0 0.0 12740 2204 1 S+ 17:04 0:00.00 grep dhc
To get it working again:
root@XXX:~ # kill -9 11019
root@XXX:~ # /usr/local/sbin/dhcrelay -i vlan01 -i lagg1_vlan511 -i lagg1_vlan501 -i lagg1_vlan512 -i lagg1_vlan513 -i lagg1_vlan514 -i lagg0_vlan516 192.168.X.X 192.168.X.X
Requesting: vlan01 as upstream: Y downstream: Y
Requesting: lagg1_vlan511 as upstream: Y downstream: Y
Requesting: lagg1_vlan501 as upstream: Y downstream: Y
Requesting: lagg1_vlan512 as upstream: Y downstream: Y
Requesting: lagg1_vlan513 as upstream: Y downstream: Y
Requesting: lagg1_vlan514 as upstream: Y downstream: Y
Requesting: lagg0_vlan516 as upstream: Y downstream: Y
Internet Systems Consortium DHCP Relay Agent 4.4.2-P1
Copyright 2004-2021 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Listening on BPF/lagg0_vlan516/d4:f5:ef:37:29:60
Sending on BPF/lagg0_vlan516/d4:f5:ef:37:29:60
Listening on BPF/lagg1_vlan514/d4:f5:ef:37:29:68
Sending on BPF/lagg1_vlan514/d4:f5:ef:37:29:68
Listening on BPF/lagg1_vlan513/d4:f5:ef:37:29:68
Sending on BPF/lagg1_vlan513/d4:f5:ef:37:29:68
Listening on BPF/lagg1_vlan512/d4:f5:ef:37:29:68
Sending on BPF/lagg1_vlan512/d4:f5:ef:37:29:68
Listening on BPF/lagg1_vlan501/d4:f5:ef:37:29:68
Sending on BPF/lagg1_vlan501/d4:f5:ef:37:29:68
Listening on BPF/lagg1_vlan511/d4:f5:ef:37:29:68
Sending on BPF/lagg1_vlan511/d4:f5:ef:37:29:68
Listening on BPF/vlan01/d4:f5:ef:37:29:60
Sending on BPF/vlan01/d4:f5:ef:37:29:60
Sending on Socket/fallback
root@XXX:~ #
You see that two networks are missing, but they are enabled in the webgui.
Pages: [1] 2