Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - OXYD

Pages1

Virtual private networks / Re: question regarding : Setup SSL VPN Road Warrior : IP Masquerade

January 12, 2022, 06:16:44 PM

is it possible to NAT every VPN clients to one LAN address ?

I created a virtual IP (for example 192.168.10.5).
Openvpn server use the range 10.10.0.0/24

Is there a way to make all the VPN clients use 192.168.10.5 to connect to our servers ?

Virtual private networks / Re: question regarding : Setup SSL VPN Road Warrior : IP Masquerade

January 11, 2022, 10:12:59 PM

I tried to configure a NAT rule from openvpn_net to a virtual IP on my LAN without success ^^

Virtual private networks / question regarding : Setup SSL VPN Road Warrior : IP Masquerade

January 11, 2022, 09:39:59 PM

Hi,

I followed successfully the "how-to Setup SSL VPN Road Warrior".

But it doesn't seems adapted to my company's network.

We have a Cisco ASA.
It handles all our subnets + NAT WAN/LAN.

The problem: when I am connected to the VPN (opnsense).
I need to manually add a dedicated route on each server.
Else the ICMP Response end up on the Cisco ASA.

Code Select

ip route add 10.10.0.0/24 via IP_LAN_OPNSENSE dev ens224

Is there a way to modify the configuration to not give each client an IP on 10.10.0.0/24 (openvpn).
But instead let the clients be NATed to a unique IP (opnsense LAN) ?

Like this when it come back, it will arrive directly on opnsense LAN.

I try to search on google with masquerade but could not find any lead.

Thanks for your help.

General Discussion / Re: how to raise PHP memory_limit

July 26, 2021, 11:24:16 AM

Hi,

We tried today with this log file.

Code Select

239M /var/log/filter.log

But it seems that the more we give, the more it asks.

Code Select

cat /usr/local/opnsense/service/templates/OPNsense/WebGui/php.ini | grep memory_limit
memory_limit = 1700M

Code Select

[26-Jul-2021 10:56:57 Europe/Paris] PHP Fatal error:  Allowed memory size of 1782579200 bytes exhausted (tried to allocate 4096 bytes) in /usr/local/opnsense/mvc/app/controllers/OPNsense/Diagnostics/Api/LogController.php on line 83

Do you know what might be the problem ?

Regards

General Discussion / Re: [SOLVED] how to raise PHP memory_limit

July 01, 2021, 01:19:15 PM

Hello,

Thanks again for your patch, however we still have a problem related to this since we are facing the same error message :

Code Select

PHP Fatal error:  Allowed memory size of 1073741824 bytes exhausted (tried to allocate 20480 bytes) in /usr/local/opnsense/mvc/app/controllers/OPNsense/Diagnostics/Api/LogController.php on line 83

As you can see, it needs a few more memory we are guessing.

Thanks for your help

Cheers

General Discussion / Re: how to raise PHP memory_limit

June 25, 2021, 07:13:33 AM

Awesome.

Thanks for your help.
I will try ASAP ;)

General Discussion / how to raise PHP memory_limit

June 24, 2021, 09:02:38 AM

Hi,

I encountered a PHP error during a trace log export through the OPNsense web interface.

Code Select

OPNsense 21.1-amd64
FreeBSD 12.1-RELEASE-p12-HBSD
OpenSSL 1.1.1i 8 Dec 2020

Code Select

Fatal error: Allowed memory size of 536870912 bytes exhausted (tried to allocate 363944728 bytes) in /usr/local/opensense/mvc/app/library/OPNsense/Core/Backend.php on line 138

I think the log size is over 200MB.

My first guess is to increase the PHP variable "memory_limit".
But I don't know where to do it to be persistent.

I only found this post related to PHP:.
https://forum.opnsense.org/index.php?topic=3573.msg12174#msg12174

Multiples files are mentioned.
/usr/local/lib/php.ini
/usr/local/etc/php.ini
/usr/local/etc/rc.php_ini_setup

I don't want to mess up the setup.
Any help is welcome.

Regards

Pages1