Messages - manzano

#1
Hi,
I've been running a second router (Lancom) behind my OPNsense firewall for routing purposes and to add another layer of firewall. The Lancom router has 4 ports, one is connected to the OPNsense and the other three are creating their own network with a DHCP client and everything.
The port on the Lancom which is connected to the OPNsense was previously configured as DSL/Internet to declare this port for the router to get the internet. OPNsense knows the IP of the Lancom as a gateway, and the three networks which are created by the Lancom all have internet access.
I now changed the port which is connected to the OPNsense installation from DSL/Internet to Client mode, which means that it is still getting an IP on that port but does not look at it as the internet access. When I now try to reach the internet from one of the Lancom networks it is no longer possible, so I'm wondering if the problem lies within OPNsense or if it is Lancom related since it previously worked.

The only idea that I have is that I'm missing some default routes in OPNsense which were previously handled by the Lancom due to the DSL mode.

Thanks in advance for the help

Manzano
#2
Thanks for the help!

I have no problem with working over the console.
After I added the lines to the server.conf and restarted the service I could no longer connect clients. Only after removing the two lines was I able to connect again. Any tips on that?

Thanks in advance

Manzano
#3
Sorry my question was wrong.

I want to send the OpenVPN logs in OPNsense to a SIEM using a universal forwarder. Unfortunately, access to the OpenVPN log requires root, so I have to run the Splunk Forwarder as root as well to be able to read the logs. My end goal is to have a user Splunk which runs the Forwarder and has access to the log but is not root. So I need a solution for the Splunk user to read the log without being root while at the same time not changing the access rights on the file if possible.

Thanks in advance


#4
Hi, I would like to know if it's possible to run the OpenVPN service with a user I created and not as root. So far I used the console to stop the OpenVPN service to then try to restart it using a different user, however that didn't work and caused the problem that clients could no longer connect to the VPN server.
If you have any ideas or experience how I can pull that off, your help is much appreciated since I'm overall new to OPNsense.

Thanks a lot

Manzano