Messages - paul199513

#1
Hello everyone,

I have two firewalls. On one of them the error occurs that I can only run a port scan against the Graylog server successfully when I use the firewall's LAN address as the source address. If I leave the field empty, the connection does not work.
On the other firewall I get the error that the issuer of the SSL certificate (wildcard certificate) cannot be determined. For the web interface the SSL certificate works without problems.

Thanks in advance
#2
German - Deutsch / Web UI port not reachable
January 27, 2023, 09:21:28 PM
Hello everyone,

when I set the web interface to a port lower than 55000, it is not reachable via WAN; over the LAN every port works. What could be the cause? The same problem also occurs when configuring HA Proxy.

Thanks in advance
#3
High availability / Re: Can't connect HA
November 16, 2022, 04:38:14 PM
That is something I can answer, because I don't know how the provider does this. The two interfaces are connected directly with a patch cable.
#4
High availability / Re: Can't connect HA
November 16, 2022, 11:16:09 AM
It works now. It was just my fault. There was a second firewall from my provider and it declined all the traffic from the HA interface.

Thank you for your help :)
#5
High availability / Re: Can't connect HA
November 15, 2022, 11:24:13 AM
This is the firewall rule I have set on both firewalls:

IPv4 *   HA net   *   *   *   *   *   Default allow LAN to any rule
#6
High availability / Re: Can't connect HA
November 15, 2022, 10:59:18 AM
No, I changed nothing there.
#7
High availability / Can't connect HA
November 15, 2022, 09:51:46 AM
I configured HA on both firewalls. I entered the Synchronize Peer IP, the Synchronize Config to IP and the credentials. If I leave the Synchronize Peer IP empty, I see the following traffic in the firewall:
HA      2022-11-15T09:42:35   10.0.0.1   224.0.0.22   igmp   let out anything from firewall host itself   
HA      2022-11-15T09:42:35   10.0.0.1   224.0.0.240   pfsync   let out anything from firewall host itself
But if I enter the correct IP, nothing happens. The firewalls can ping each other, and if I click save, the master firewall calls the second one on port 443.
#8
High availability / Re: Can't ping HA interface IP
November 14, 2022, 03:39:25 PM
The firewalls can ping each other. I also checked with a port scan whether the backup firewall listens on the HTTPS port on the HA interface and got a "succeeded".
#9
High availability / Re: Can't ping HA interface IP
November 14, 2022, 01:36:14 PM
I was now able to ping the other firewall, but HA isn't working. In the menu there is the info that the backup firewall is not accessible or not configured.
#10
High availability / Re: Can't ping HA interface IP
November 14, 2022, 12:34:29 PM
Hi, I configured the firewall rules already. I let all IPv4 traffic on that interface in.
#11
High availability / Can't ping HA interface IP
November 14, 2022, 11:47:50 AM
Hello,
I have two OPNsense firewalls which are connected to a switch and also connected directly to use this port for pfsync. I have entered an IP of the same subnet, but the firewalls can't ping or reach each other. Do I need to configure something else?

Thanks in advance :)
#12
General Discussion / HAproxy www to non-www
December 19, 2021, 12:50:27 AM
Hey everyone, currently I am playing around with the HAproxy feature of the OPNsense firewall. I need to redirect https://www.example.com to https://example.com and don't know how I could achieve this.

Hopefully somebody could help me :)