Messages

1

Virtual private networks / Re: Cannot reach VPN subnet from LAN

« on: February 27, 2021, 03:56:59 am »

Since nobody seems to be able to help out

Did you not read my post where i gave you the solution???  That's a slap in the face....lol

2

Intrusion Detection and Prevention / Re: Suricata 5.0.5_1 - SIP fax transmission failing

« on: February 26, 2021, 08:46:27 pm »

Do you happen to know where to find the change log.  I did a quick search couldn't find it.

3

Virtual private networks / Re: Cannot reach VPN subnet from LAN

« on: February 26, 2021, 04:46:20 pm »

sorry, wrong post, misread your network plan... :-)

LOL I was wondering what that was

4

Virtual private networks / Re: Cannot reach VPN subnet from LAN

« on: February 26, 2021, 04:33:07 pm »

When your connecting from opnsense, you are connecting on the same "layer 2" network.

Example:
"some local pc"=1.1.1.2 "
gateway LAN=1.1.1.1, gateway tunnel=2.2.2.1"
"some remote pc"= 2.2.2.2
some remote pc knows how to get to 2.2.2.1 but not 1.1.1.2


I guess you could solve this by Nating traffic going out the l2tp tunnel to the tunnel ip of the router.

5

Virtual private networks / Re: Cannot reach VPN subnet from LAN

« on: February 26, 2021, 04:18:15 pm »

That's because "some remote server" does not know how to route the packet back to "some local pc"

6

Virtual private networks / Re: Can I setup the opnsense box as an IPsec vpn client?

« on: February 26, 2021, 04:14:36 pm »

There's more. When I try to create site-to-site tunnel, Authentication method options are Mutual PSK/Key/RSA, but my VPN provider is using IKEv2 EAP with username and password.

opnsense is setup weird for this, but go to mobile clients section and enable, then add your phase 1 and 2 settings there

7

Virtual private networks / Re: Can I setup the opnsense box as an IPsec vpn client?

« on: February 26, 2021, 03:39:34 pm »

 I want my opnsense box work the same way as it does as an openVPN client. Can I accomplish this, configuring the opnsense as an Ipsec client?

Same here, no information in docs. Every doc assumes the box acts as a server.

IPSEC is a point to point protocol, there is not really a server/client.  Note: It does support road warrior setups which would be the closest thing to the server/client style your looking for.   To answer your other question, yes you can send traffic over IPSEC.

EDITED to clarify.

8

21.1 Legacy Series / Re: Unexpected udp 443 (http/3?) requests to opendns servers.

« on: February 26, 2021, 03:24:56 pm »

can you get a pcap so we can see what it's looking up, might help with tracking it down.

9

21.1 Legacy Series / Re: Unexpected udp 443 (http/3?) requests to opendns servers.

« on: February 26, 2021, 02:55:02 pm »

Check Serivces--> OpenDNS did you enable it there by mistake? (It's not enabled by default)

10

21.1 Legacy Series / Re: Unexpected udp 443 (http/3?) requests to opendns servers.

« on: February 26, 2021, 02:54:07 pm »

are you using unbound or dnsmasq?

11

21.1 Legacy Series / Re: Unexpected udp 443 (http/3?) requests to opendns servers.

« on: February 26, 2021, 02:53:32 pm »

What plugins do you use?

12

21.1 Legacy Series / Re: opnsese forwards packets not addressed to its own mac(s)

« on: February 26, 2021, 02:40:02 pm »

Have you considered updating your esxi?

13

21.1 Legacy Series / Re: opnsese forwards packets not addressed to its own mac(s)

« on: February 26, 2021, 02:36:14 pm »

None of those tcp/udp packets are duplicated with different mac address's.

EDIT:      LOL, apparently I am retarded I see it now!

14

21.1 Legacy Series / Re: Reverse proxy configuration help needed

« on: February 26, 2021, 02:31:51 pm »

Only if there was a place you could look uo the documentation for opnsense....

15

21.1 Legacy Series / Re: Unexpected udp 443 (http/3?) requests to opendns servers.

« on: February 26, 2021, 02:27:52 pm »

The router would only be contacting opendns if you have settings that tell it to.

What is configured under Systen-->Settings-->General for dns.