Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - tmueko

Pages: [1]

22.7 Legacy Series / Re: plugin dns/rfc2136 not working in 22.7.9_3

« on: December 28, 2022, 11:27:43 pm »

I can confirm, that with 22.7.10_2 it ist working again.

I think, it would be better to switch to newer key format as suggestet here: https://github.com/opnsense/plugins/commit/de660623ed

then change md5 with sha in next step.

@franco: If you need tests-keys and setup I can help out.

22.7 Legacy Series / Re: Communication between two LANs

« on: December 28, 2022, 10:48:32 pm »

Maybe you problem is

Quote

Firewall: Settings: Advanced: Disable reply-to

try to activate it.

22.7 Legacy Series / Re: plugin dns/rfc2136 not working in 22.7.9_3

« on: December 15, 2022, 01:22:57 pm »

It is an Upstream-Bug from bind:

https://gitlab.isc.org/isc-projects/bind9/-/issues/3668

22.7 Legacy Series / Re: plugin dns/rfc2136 not working in 22.7.9_3

« on: December 09, 2022, 12:35:42 pm »

maybe it helps: this one is working to:

/usr/local/bin/nsupdate -y hmac-md5:KEYNAME:SECRET /var/etc/nsupdatecmds0

22.7 Legacy Series / plugin dns/rfc2136 not working in 22.7.9_3

« on: December 09, 2022, 12:17:15 pm »

The plugin is not working any more?!

when I try myself I get the following error:

/usr/local/bin/nsupdate -k /var/etc/K0lod-01.dyn-ip.info.+157+00000.key /var/etc/nsupdatecmds0

09-Dec-2022 12:03:31.836 /var/etc/K0<DOMAIN>.+157+00000.key:1: unknown option <DOMAIN>.' 09-Dec-2022 12:03:31.838 /var/etc/K0<DOMAIN>.+157+00000.key:2: unexpected token near end of file could not read key from /var/etc/K0<DOMAIN>.+157+00000.{private,key}: unexpected token update failed: REFUSED

when I manually create a keyfile like it is stored in bind it is working:
key "KEYNAME" { algorithm hmac-md5; secret "SECRET"; };

20.7 Legacy Series / Re: opnsense freezes and needs reboot

« on: June 15, 2021, 08:59:53 pm »

I now have the problem with 21.1.6.
FreeBSD-12.x and pfSense are working fine.
I have a OpnSense-Cluster on two Dell R630 on 10GB-Links. Sometimes, both VMs freezed within one hour :-(

Tried all combinations of +/- lro, +/- tso, +/- (rxcsum, txcsum) and vlanhwtag: Nothing worked.

Any new idea on this?

Virtual private networks / possible bug: "X509v3 Key Usage" in CA

« on: October 28, 2020, 08:08:50 am »

Hi,

maybe there is a bug in creating a CA:
there should be a
Certificate: Signature Algorithm: X509v3 extensions: X509v3 Key Usage: critical Certificate Sign, CRL Sign
or something like this.

When I create a CA in opnSense, there is no "X509v3 Key Usage".

Pages: [1]