Messages - dipol0

#1
23.7 Legacy Series / Re: IPv6 Tunnel Broker ???
October 08, 2023, 08:27:50 PM
Very strange. I really don't know what's happening.

In configs:
1.
ISP -- WAN (pppoe)*OPNSense ---(DHCP) --- clients      doesn't work.

I tried
2.
ISP -- WAN (pppoe)*OPNSense MASTER --- (DHCP)---- WAN(DHC) OPNSense Slave --- clients
and it looks like it worked.

3.
As a control, I installed pfSense directly and it worked:
ISP -- WAN (pppoe)*pfSense ---(DHCP) --- clients

But I'm not planning to move to pfSense fully and can't have 2 machines with OPNsense. I am playing with MTUs for the tunnel on OPNsense but not/
#2
23.7 Legacy Series / Re: IPv6 Tunnel Broker ???
October 07, 2023, 12:56:42 AM
Quote from: TrustedComputer on October 06, 2023, 10:27:50 PM
Your screenshots look similar to mine. I use Unmanaged (SLAAC only) instead of Assisted (SLAAC + DHCPv6) but that's a matter of preference and shouldn't make a difference.

When you say "clients do not receive ipv6", do you mean they don't get IPv6 addresses assigned? Double-check RADVD and DHCPDv6 services are running in System-Diagnostics-Services. Also, double-check client NIC configuration- is IPv6 enabled as a protocol?

Also- you did not share screenshot of LAN Interface Configuration/Overview. Make sure it is configured with and has a static IPv6 address in the /64 you need your clients to receive addresses in.

Hope that helps!

LAN - Interfaces


LAN - Overview


Services:


+ I set a FW rule to enable IPv6 ICMP ECHO on the TunBrok IF and I can ping it (using external online services for ping)

When I configure the GIF IF I use the "Client IPv6 address" for ping:


Clients can get IPv6 (it's supported and enabled). But they can't obtain it from OPNSense.

Looks like the firewall rules are blocking it or something like that. But I'm not a pro )) Could you share your firewall rules needed for TunBroker?

Tnx
#3
Hi.

In Services: Unbound DNS: Blocklist, select one or a few blocklists from the dropdown menu. Set the check mark on "Enable".
Click "Apply" and.... it does nothing... The circle on the Apply button keeps rotating... rotating... and sometimes it drops to the login page. After login, go back to Services: Unbound DNS: Blocklist and... ENABLE is not checked + I think the blocklist mechanism (or enabling it) is not working either.

OPNsense 23.7.5-amd64
FreeBSD 13.2-RELEASE-p3
OpenSSL 1.1.1w 11 Sep 2023
#4
23.7 Legacy Series / IPv6 Tunnel Broker ???
October 06, 2023, 12:17:23 PM
Hi all.
I set it up according to the manuals:

1. https://wiki.opnsense.org/manual/how-tos/ipv6_tunnelbroker.html
2. https://docs.netgate.com/pfsense/en/latest/recipes/ipv6-tunnel-broker.html

Versions OPNsense 23.7.5-amd64
FreeBSD 13.2-RELEASE-p3

Connection to ISP via PPPoE. Pings from outside are enabled.

Q: On the LAN, clients do not receive ipv6. Where to dig?

The tunnel itself seems to come up, and from the machine where OPNsense is installed, Google pings via IPv6:

Firewall rules for:
Firewall->Rules->TunnelBroker
https://postimg.cc/w18k3q5r

Firewall->Rules->LAN

Firewall->Rules->WAN


RA Settings:


DHCPv6:


Gateways:


Info page IF - tunnel broker:
#5
Hi all.
I set it up following the manuals:

1. https://wiki.opnsense.org/manual/how-tos/ipv6_tunnelbroker.html
2. https://docs.netgate.com/pfsense/en/latest/recipes/ipv6-tunnel-broker.html

Versions    OPNsense 23.7.5-amd64
FreeBSD 13.2-RELEASE-p3

Connection to the ISP is via PPPoE. Pings from outside are enabled.

Q: Clients on the LAN do not receive IPv6. Where should I dig?

The tunnel itself seems to come up, and from the machine where OPNsense is installed, Google pings over IPv6:


Firewall rules for:
Firewall->Rules->TunnelBroker

Firewall->Rules->LAN

Firewall->Rules->WAN


RA settings:


DHCPv6:


Gateways:


Info page IF - tunnel broker:
#6
Zenarmor (Sensei) / Elasticsearch doesn't start
April 07, 2023, 04:06:05 PM
After update to:

Versions    OPNsense 23.1.5_4-amd64
FreeBSD 13.1-RELEASE-p7
OpenSSL 1.1.1t 7 Feb 2023

1. The Zenarmor Elasticsearch service doesn't start
2. Report-Traffic shows:

"Fatal error: Failed opening required '/usr/local/opnsense/www/index.php' (include_path='/usr/local/etc/inc:/usr/local/www:/usr/local/opnsense/mvc:/usr/local/opnsense/contrib:/usr/local/share/pear:/usr/local/share') in Unknown on line 0 "
#7
After updating to

Versions    OPNsense 23.1.5_4-amd64
FreeBSD 13.1-RELEASE-p7
OpenSSL 1.1.1t 7 Feb 2023

1. Elasticsearch from ZenArmor does not start

2. Reports-Traffic throws up this page:

"Fatal error: Failed opening required '/usr/local/opnsense/www/index.php' (include_path='/usr/local/etc/inc:/usr/local/www:/usr/local/opnsense/mvc:/usr/local/opnsense/contrib:/usr/local/share/pear:/usr/local/share') in Unknown on line 0 "
#8
Guys, either I've gone dumb or I just haven't figured it out... there is a box with OPNSENSE, and it has 2 interfaces, WAN and LAN respectively.

WAN - a public IP from the ISP + there is an FQDN tied to this IP. Let it be mydomain.com and 99.99.100.100
LAN - well, everything is simple here: 192.168.0.1 (network 192.168.0.0/24)

Inside the LAN there are several machines. One of them (IP - 192.168.0.50) runs an http(https) server (ports 80 and 443) and a MySQL server (port 3306).

I have set up port forwarding from outside the LAN to this IP (192.168.0.50). But what should I do so that machines inside the network, when accessing it by FQDN - mydomain.com, are reflected to the internal IP = 192.168.0.50 ???

I played around with Outbound and got no results.

If possible, an example right in pictures or a link to YouTube with a more or less understandable video. Thanks a lot!!