Messages

1

Zenarmor (Sensei) / Re: 1.11 release date

« on: April 01, 2022, 05:53:14 am »

Hi, is there a changelog?, I checked SunnyValley's website, blog, documentation and of course this forum but I don't see a changelog anywhere. Thanks.

2

Intrusion Detection and Prevention / Rejected ETPro Telemetry registration

« on: March 16, 2022, 06:44:45 am »

Is anyone else having trouble registering for ETPro Telemetry edition?, after clicking purchase it hangs at processing for a couple minutes and then I receive an email saying it has been rejected due to inconsistencies (order #9222). What inconsistency is it finding, its just asking for basic fields regarding personal info, not even card required.

3

22.1 Legacy Series / Re: Mangled SSH connections on WAN side

« on: February 28, 2022, 03:22:47 am »

Tried with OPNSense 21.7.1 and changing virtio with e1000 in proxmox, still same outcome. Is this something worth being posted as bug in github for revision?, I feel this is a pretty basic setup and I have no idea why its not working with out of the box defaults.
Completely ran out of ideas by now.

4

22.1 Legacy Series / Re: Mangled SSH connections on WAN side

« on: February 27, 2022, 02:00:48 am »

Can you post more of your interfaces/firewall config?

Firewall after original deployment problem is just default rules + WAN allow any to any that I set up when trying to figure out whats going on with SSH (reinstalled and added just that rule to be sure).

Interfaces:

Are you sure there isn't some sort of asymmetric routing?

Not that I can tell. Right now its just the ISP router connected to PVE host.

When you say "proxmox bridges" do you mean you have 2 vnics on the vm attached to proxmox bridges?  If so, what are the subnets on the pfsense vm?

OPNSense has 2 virtio nics (both are bridges). One is a bridge to the physical port going to the ISP provided router and the other is just a internal bridge meant for connectivity between guest vms. The idea is to have opnsense between this guest vm LAN and the real network.

5

22.1 Legacy Series / Mangled SSH connections on WAN side

« on: February 26, 2022, 06:44:11 pm »

Hello, I'm currently trying to migrate from PFSense and I have found a big roadblock that I haven't been able to troubleshoot. I'm not able to get SSH connections working from WAN side of OPNSense. At first the connection seems to be working fine but after login is accepted it just freezes.



I get the same behavior trying to connect directly to OPNSense via SSH or Port Forwarding to a server inside the LAN. This issue also persists on a fresh install of OPNSense.

Running ssh with -vvv flag gets unresponsive after the following text:

debug3: send packet: type 98
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768

Which after a while turns into:

client_loop: send disconnect: Broken pipe

auth.log seems to indicate the login was successful, so that's definitively not the issue:


Opening packet capture seems to reveal "Incomplete Data" as reported by Wireshark, however my networking technical skills are not good enough to diagnose the cause or a possible solution to this problem.



OPNSense is running on a proxmox instance with two virtualized bridges, one to the interface connected to the router and the other one as a isolated network between vms.

Any help is greatly appreciated.