Messages

Ah yes, I meant the user certificate. as it also expired. I use otp.

I made new certificates.. Not noticing the authority was also expired. ;)
So I did everything twice. I guess I wont forget anymore now.

My VPN works like before again.
Thanks!

So I got home.
SSLVPN Server Certificate has indeed epired.
It was only valid for a year. User certificate is also almost expired.

I set it up myself, I guess a year ago, using a guide.
I am still learning about what I actually did and how it affects everything. I never did this before.

As I read, there is no simple renewal option. I just have to remake the certificate. And the user.
Is that right?

I am sorry I dont have more info at the moment. I am on holiday. Thats the whole reason I was using the vpn ;)

And does anyone happen to know the standard expiration date? I thought it was 10 years?

Hi all.


I have been using openvpn for quite some time now without problems. Since last Thursday though, i get this error on all clients.
Peer certificate verification failure.
Nothing changed on server. Maybe client got updated?
Was there some change in certification rules or so? Can it be expired?
Anyone have an idea?

Thanks!

Well to start with just a few IP would be fine.

But I cant seem to let it show anything else than wan or lan. Not specified to IP.

Hi all.


Is there a way to monitor live how much data an IP moves in and out.
And to check the live speeds that IP is using?
And to see this in some graphs over some timeperiod?

Thanks!

Ok. I am obviously not as well trained in this kind of stuff as you. And I can only say it in simple terms.
So forget my rant.

But just tell me this.
1. Doesnt it sound logical to expect the phones/pcs on the lan to behave the same as for instance phones outside off the lan? They both have access to the same internet. and both only have to open a link on the internet with a port. I would think it being a link to my own lan would be unimportant here.
I feel it shouldnt matter if this is on my internet or 4g internet. Internet seems internet.  and link seems link.
You get my drift?

2. Why does ipcop or ipfire or any other router i have ever used, never had this 'issue'?
If this is because it automatically does nat reflection, then ok.
But for me, logically, this is weird. ;)

I turned on: firewall / nat / advanced
Reflection for port forwards    
It didnt help.

Then I also turned on:
Automatic outbound NAT for Reflection    
Now my external ip:port directs to my server from lan too.

Thanks for the patience btw ;)

I have been reading about Nat reflection.
But this is a solution for a problem that shouldnt exist.

I dont want it to redirect to lan IP.
I just want the router to let me load the stupid external website. Even though this is actually a server on my own lan.
Who is this router to tell me I should use the internal IP instead of the external.

External IP should just lead me to exactly that. The external IP.
Not to the router opnsense admin page.

That is the problem here.

I used this
https://forum.opnsense.org/index.php?topic=8783.0
- name: A short friendly name for the IP address you're aliasing. I'll call it "media-server"
- type: Host(s)
- Aliases: Input 192.168.1.200

- Interface: WAN
- TCP/IP Version: IPv4
- Protocol: TCP

Under Source > Advanced:

- Source / Invert: Unchecked
- Source: Any
- Source Port Range: any to any

- Destination / Invert: Unchecked
- Destination: WAN address
- Destination Port range: (other) 3200 to (other) 3200

- Redirect target IP: Alias "media-server"
- Redirect target Port: (other) 3100

And the port forwards work fine.
My server and all its different services and ports are accessible from anywhere outside of the Lan through my domain name:port.
Just not on the lan. On the lan I can only reach them through internal IP: port.
Domain name: port will go to page unknown. Domain name: NO port, will lead to opnsense router admin page.

Yes.. i wasnt very clear.
I was new to opnsense and after setup i found port forwards not working and external ip leading to router.
This confused me and i just didnt have the time to check what is what.
Yesterday night i had some time time to test and set up again. Cause who does not do this on christmas night, right? :)

So from an external ip it does not go to router and port forwards work fine.
But from internal ips, i cannot reach my server over external ip. Because the external ip keeps leading me to the router. Or when i use ports, it just doesnt find anything.

This is very annoying, since i use my external ip through my domain a lot on the phones, to reach my server. And i dont want to keep switching between using the internal and external ip to connect to my server.
As i use 4g next to the wifi a lot, i just always use external ip through domain to connect to server.

Is there an option i missed to turn this off easily?
I just want to be able to reach my server over external ip from my lan. Instead of being lead to the router.

Thanks!

Thanks!

I was too quick with joy. It still lets the webgui exposed under wan ip.
I reinstalled and it did this immediately.
Its unusable like this.
What could there be wrong?

I read people having issues with latest version 21.7.6. Were 1 person solved his issues by reverting to 21.7.5.
So i tried that, and all my port forwards suddenly worked.
Also it does not link to opnsense with external ip.

So maybe there is something wrong with 21.7.6?

Thanks!

Hi all.

I was using ipfire and it all worked fine.
But I was using usb lan for the lan on that thin client. As it has no pcie.
And it all just felt a bit laggy.

Now I got this other thin client with pcie and 2port intel lan card. And thought lets try some other router options on this.

So i installed opnsense. updated and started to set my port forwarding.
I can see the port is open on https://www.yougetsignal.com/tools/open-ports/ But it just wont go to that internal ip/my nas.
So I tried to just open my external ip without ports. And see it links to the opnsense router itself.

That cant be right.
Am I missing something here?
how do I change this?

Thanks!