Messages

Hello again

I'll say again how happy I've been with zenarmor and opnsense as a whole, and so grateful for the outstanding community here!

It's been a while, and I have still needed to periodically whitelist various hbomax related sites.  The following have all been added over time:

hbomax-52-20.youidomain2.com       
hbomax-52-25-1.youidomain2.com       
hbomax-52-25.youidomain2.com       
hbomax-52-35.youidomain2.com       
hbomax-52-40.youidomain2.com       
hbomax-52-45.youidomain2.com       
hbomax-a001.youidomain2.com       
hbomax-v52-55.youidomain2.com       
hbomax-v53-05.youidomain2.com       
hbomax-v53-10.youidomain2.com

would it work for me to whitelist "youidomain2.com"?

I wouldn't care too much except that my parents live with us and he feels bad always bothering me to "fix hbomax"  :o

You rock sy!
since this post, I've found that the domain name changes slightly, requiring me to whitelist twice again.'
The domains that have since been used:

hbomax-52-25-1.youidomain2.com
hbomax-52-25.youidomain2.com

Is there a way to whitelist something like... hbomax-*.youidomain2.com?

Thanks again for the phenomenal product that the ease of use through opnsense!

Hello all
HBOMax channel on Roku devices never worked, and would give me a notice about being unable to authenticate my device.  Drove me crazy, because all the other channels worked fine.  Took me a long time to think to check the blocked logs on Zenarmor!  When I found that it was blocking as "undecided safe access":

hbomax-52-20.youidomain2.com
52.23.129.248

Whitelisted it... works perfectly
So, maybe I'm just slow to realize this.  But seemed like I should at least put this out there!

Thanks for making this software available so effortlessly through OPNsense.  I'm a big fan.

THANK YOU!
I had just discovered that the installer can reset the password, and now back online I saw your reply.
I had disabled the root account... but this reset allowed me to login as root and then use option 13 to roll back to a few days ago.
I wish I knew what I did to mess up the LAN, but at least I now know how to get things working again.  Thank you so much for the help.

Thanks for the suggestion.  I can't reach any of the options because it won't let me log in.  "this account is currently not available".  My only guess is that I never gave my user account console access privilege.  I'm just going to reinstall the whole thing, and this time add an extra interface that will allow GUI access if I accidentally break the LAN again.  I had turned off GUI access from the WAN side just to be extra cautious but if I had left it on I could have gotten in that way.

Don't know what happened:  LAN no longer responds to ping, cannot connect to web GUI.
I was on the LAN page... changing a static address reservation.
Email (application, not web based) still works... New webpages don't work, but I think google search results were working!  Something DNS related maybe? 

I used my console (serial) access, got to the login prompt.  Tried logging in with my username and password, they are recognized as correct but prompt reads "This account is currently not available"
When I reboot the system no flags or errors or anything show up in the serial console.

Any ideas??  I don't even know where to look.

My setup is Very basic.  One extra firewall rule to keep a designated set of IP's from accessing the internet... I have sensai installed, but just as default settings.  Running on a lenovo tower, good 4 core cpu, 8 gb ram, nvme m.2 ssd... hardware doesn't seem to be the problem.

I do have a relatively recent backup config that I could reinstall with... but I'd like to try to figure this out if I can.

Thank you(!!!) for any suggestions or help.  Also advice on how to not get myself in a pickle like this in the future would also be appreciated.

UPDATE-------------
On the serial console, the LAN has no address.  It's just blank.
WAN has the same address as ever.

Thanks for the clarification.  Being new to firewalls generally I didn't realize how much was "out there".  Glad I'm "in here" now inside my OPNsense!

I did have one additional question.
Looking at the firewall logs there appears to be quite a few ~6-7% of all entries being  blocked on the wan side by a default rule. They tend to be the same up and port a number of times, but also random different ones. I'm glad to see things being blocked and figure this may be a case of just seeing something I couldn't see before... likely my other routers also blocked these. Is this common or typical? I assume some of these requests might be services that have not been properly re-NAT'd through opnsense yet. Any advice or resources on how to better learn to interpret and narrow down what these blocks are up to?
Thanks in advance!

Thanks Cookie!
I did read the instructions many times :) thank you for your reassurance!
Got everything connected now and all appears to be in order!

[Is the router ready to go "out of the box"?]

Hi OPNsense community!
I've been planning to set up the software for about a year or so and I'm finally taking the plunge.
I'm a novice to a lot of this network stuff but learning as I go.  I came to OPNsense because I want to have the opportunity to expand my network into some more basic controls rather than just one network with everything piled inside it.
SO, my first basic NOOB question is... If I install the software to its defaults (I have already done this) and then run updates (Also done this) and then change the root password (duh)...
Is the router ready to go "out of the box"?  Will it do everything that I want and need an "off the shelf" router to do? Basic routing... DHCP... DNS... NAT... etc.
Or do I need to change a bunch of settings in order for it to just work.
Sorry to be asking what appears to be a dumb question.  As I don't know enough to know what I don't know... I'm looking for it to just work... and then I can get into more advanced (for me) as needed and desired.
Thanks for all contributions and work that so many put in.