Messages

1

General Discussion / Custom Crontab Service

« on: December 28, 2022, 04:13:47 pm »

I'm trying to configure an execution script in configd according to the documentation: https://docs.opnsense.org/development/backend/configd.html

I accessed the /usr/local/opnsense/service/conf/actions.d/actions_filter.conf file and created the following call:


[vpn-monitor]
command:/usr/local/bin/php /root/vpn-monitor/vpn-monitor.php
parameters:
type: script
message: Coleta de usuarios de vpn %s
description:Coleta vpn



I restarted the configd service, and via GUI I configured it so that there was a cron call every 5 minutes, but I didn't find it in the log of this execution in /var/log/configd/latest.log

Is there somewhere I can validate if cron is running correctly, if I run the script manually it runs correctly.

2

High availability / Re: Openvpn and HA

« on: August 25, 2022, 03:45:50 pm »

From the tests I did, that was the conclusion I had reached, as I couldn't find an opnsense documentation with this information, I decided to ask here.

Question clarified, thank you.

3

High availability / Openvpn and HA

« on: August 25, 2022, 02:56:39 pm »

Hello

I have two opnsense servers using HA mode with Carp, virtual IP and xmlrpc configured.

I'm using OpenVPN and I was trying to HA this connection too, I currently have the service up on the virtual IP of my external interface, but I noticed that in a possible fall of the primary server, OpenVPN does not turn to the secondary, I don't know if this is standard or should I configure something else, in the documentation I didn't find anything very clear about this.

4

General Discussion / Login via LDAP + TOPT doesn't work

« on: October 25, 2021, 03:45:17 pm »

I'm using OPNsense OPNsense 21.7.3_3-amd64 with authentication via LDAP + TOPTP for 2fa and I'm facing a problem with user authentication.
Every time I try to test a login in AD I get the following error:

error: 80090308: LdapErr: DSID-0C090436, comment: AcceptSecurityContext error, date 52e, v23f0

I used some logins for testing in the tab "System > Access > Tester" with TOPTP but without success, even the password being correct I get the above error.
The curious thing is, if I go to the LDAP user import tab I can list all normally, the error only occurs for users to login with the backend via AD.

Apparently it seems to be some systemic error, but I couldn't find anything on the internet other than that this error refers to an invalid username and password, even though the logins are valid.

Someone could tell me if you have a more verbose login mode or have you experienced this problem by chance?

5

Portuguese - Português / Dificuldade de login via LADP + TOPTP

« on: October 25, 2021, 03:33:07 pm »

Estou utilizando o OPNsense OPNsense 21.7.3_3-amd64 com autenticação via LDAP + TOPTP para 2fa e estou enfrentando um problema na autenticação de usuários.
Toda vez que tento testar um login no AD recebo o seguinte erro:

error: 80090308: LdapErr: DSID-0C090436, comment: AcceptSecurityContext error, data 52e, v23f0

Utilizei alguns logins para teste na guia "Sistema > Acesso > Testador" com TOPTP mas sem sucesso, mesmo a senha estando correta recebo o erro acima.
O curioso é, se eu vou na guia de importação de usuários do LDAP consigo listar todos normalmente, o erro só ocorre para os usuários se logarem com o backend via AD.

Aparentemente parece ser algum erro sistêmico, mas não consegui achar nada na internet além de que esse erro é referente à usuário e senha inválida, mesmo os logins estando válidos.

Alguém saberia me dizer se tem algum modo de login mais verboso ou já passou por esse problema por acaso?