Messages

1

20.7 Legacy Series / Re: How to set up Multi-WAN with IPv6

« on: March 29, 2022, 04:58:11 pm »

Regarding multiwan and ipv6 you have to disable shared forwarding in Firewall Settings Advanced

Michael, you made my day. It finally works. For months I have been looking for this solution to my obscure IPv6 multiwan routing problem. I would never have guessed that "shared forwarding" option on the basis of the help texts. Thank you so much for sharing.

--
Johannes Franken

2

21.1 Legacy Series / Re: 21.1.7: Problem with Freeradius

« on: June 17, 2021, 08:22:43 am »

> uncomment the leap line in /usr/local/etc/raddb/mods-enabled/eap

I was about to propose the same workaround.
Worked for me, too.

--
Johannes Franken

3

20.7 Legacy Series / Re: IPSEC traffic stalling after 20.7.1 upgrade

« on: May 11, 2021, 12:02:24 pm »

On our OPNsense 21.1.4/DEC3850 we were experiencing several hanging ipsec ikev2 associations per day until I disabled aesni.

Four weeks ago, I changed the phase 1 and 2 algorithms from CBC (aes256-sha256-modp2048!) to GCM (aes256gcm16-sha256-modp2048!) and re-enabled aesni. Since then, not a single hitch, same with 21.1.5.

Check

grep -e " ike =" -e " esp =" /usr/local/etc/ipsec.conf

to test if you got them all.

Regards
Johannes Franken