OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of nqtuanqtuan »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - nqtuanqtuan

Pages: [1]
1
General Discussion / Log/graph for bandwidth per rule
« on: June 25, 2024, 11:51:30 am »
Hi folks,

Is there any feature/plugin that allow me to log or create graphs per-rule data usage?

The requirement is that, I have different rules for multiple clients connecting to the Internet. Each client has two rules, one for domestic destinations and the other for international, e.g.
- Client-A to Domestic, how many MB?
- Client-A to International, how many MB?
- Client-B to Domestic, how many MB?
- Client-B to International, how many MB?
- etc.

I don't think the built-in netflow nor ntopng can do it (since they are too detailed into each flow and I can't kind of aggregate the collected data), but I might have missed some feature on them that are yet explored.

Thanks

2
21.7 Legacy Series / Acme DNS-01 challenge validation fails
« on: December 18, 2021, 09:30:27 am »
Hi folks,

Got a weird issue when renewing LE cert with Acme client 3.4 on OPNsense 21.7.6

I have configured 3 certs as following, all using DNS-01 challenge with CloudFlare API:

    wildcard.example.com (EC-384, SAN *.example.com, example.com)

    wildcard.example.com (RSA-2048, SAN *.example.com, example.com)

    adfs.example.com (RSA-2048, SAN adfs.example.com, certauth.adfs.example.com)

All three certs have been renewed at least once previously, before 21.7.6 upgrade. When that upgrade hit, I had some issue with Acme 3.5 and reverted to 3.4

Today, when I rolled out the new NAS, I want to test out the automation as the cert renewed (I already manually ran automation successfully and this issue is not related). When I pressed renew cert, only the first wildcard worked.

Both the second wildcard cert, and the adfs cert had this log, where Acme could create the TXT record for _acme-challenge successfully the first time. But then, it tried the second time which failed, and concluded the validation failed.

The DNS-01 configuration already had the timeout of 120 seconds - I believe this is the default.

Has anyone encountered the same issue?

3
Virtual private networks / How many OpenVPN concurrent sessions allowed?
« on: December 01, 2021, 11:03:43 am »
Hi folks,

I have a customer asking how many concurrent OpenVPN sessions the community version of OPNsense would support? If the OPNsense firewalls (HA) are dedicated VPN server.

Is there a reference or calculation based on the specs? For example how many users for 1vCPU virtual OPNsense? 2vCPU? etc.

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2