Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - ejvl

Pages: [1]

Intrusion Detection and Prevention / IDS, what interface to choose

« on: February 11, 2022, 02:24:24 pm »

Hi,
I've the following situation.

- A router from my provider, LAN is 192.168.1.1
- From this router, one cable is connected to my switch. I've configured this switchport untagged in VLAN 100.
- From the switch, another cable is connected to my Nuc with OpnSense installed. This switchport is untagged 1 and tagged 100.
- In OpnSense I've created a vlan 100 interface and set my WAN to this interface.
- My WAN in OpnSense is a 192.168.1.x address, my LAN is 10.0.0.254.
- My OpnSense WAN 192.168.1.x is configured as DMZ in the router of the provider so all the incoming traffic and ports are directly send to OpnSense.
- My home network is in 10.0.0.x with the 10.0.0.254 (Opnsense) as default gateway.

Now I want enable IDS and later IPS. Rules are activated but in this specific situation, with interface I should choose? WAN or LAN?

Thanks.

Virtual private networks / Re: OpenVPN works on Android but not in Windows

« on: February 09, 2022, 09:54:52 am »

I've solved it, the time in Windows was wrong....

Virtual private networks / OpenVPN works on Android but not in Windows

« on: February 09, 2022, 09:07:32 am »

Hi,
Yesterday i've installed Opnsense on my NUC and all works fine, great product.
I've issues with OpenVPN.
I've followed this instruction: https://www.youtube.com/watch?v=ocGAcZD8qYo

Now, I've export the setting, VPN, Client Export, export the settings/certificatie from the linked user.

I've imported this file in my Android phone, installed OpenVPN and all works fine, I can connect when I'm not on WIFI, can reach my LAN-devices.

Now I've a Windows 10 machine, remote, install OpenVPN, import exact the same file but cannot connect.

Code: [Select]

Mon Feb  7 05:38:24 2022 SIGUSR1[soft,tls-error] received, process restarting
Mon Feb  7 05:43:24 2022 TCP/UDP: Preserving recently used remote address: [AF_INET]xxxxxxxx:1194
Mon Feb  7 05:43:24 2022 UDP link local (bound): [AF_INET][undef]:0
Mon Feb  7 05:43:24 2022 UDP link remote: [AF_INET]xxxxxxxxx:1194
Mon Feb  7 05:43:24 2022 VERIFY ERROR: depth=1, error=certificate is not yet valid: C=NL, ST=xxx, L=xxx, O=xxx, emailAddress=xxx, CN=internal-ca, serial=0
Mon Feb  7 05:43:24 2022 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Mon Feb  7 05:43:24 2022 TLS_ERROR: BIO read tls_read_plaintext error
Mon Feb  7 05:43:24 2022 TLS Error: TLS object -> incoming plaintext read error
Mon Feb  7 05:43:24 2022 TLS Error: TLS handshake failed
Mon Feb  7 05:43:24 2022 SIGUSR1[soft,tls-error] received, process restarting

I've turned off the Windows firewall but no changes.

The file I've exported from OPNsense is a single .ovpn file with the certificates included and the file is correct I think because it works fine on my Android phone.

Any idea?

Thanks

Pages: [1]