1
Virtual private networks / Re: OpenVPN Not Working After Reboot - Must Cycle VPN Interface After Reboot
« on: May 13, 2023, 06:22:57 am »
Success!!!
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
2
Virtual private networks / Re: OpenVPN Not Working After Reboot - Must Cycle VPN Interface After Reboot
« on: May 12, 2023, 09:38:41 pm »
Screenshot of interfaces.
3
Virtual private networks / Re: OpenVPN Not Working After Reboot - Must Cycle VPN Interface After Reboot
« on: May 12, 2023, 09:35:33 pm »
The attached log is from after cycling the VPN interface off/on. I have Internet after the cycling and the VPN status says connected with VPN in/out traffic numbers increasing.
4
Virtual private networks / Re: OpenVPN Not Working After Reboot - Must Cycle VPN Interface After Reboot
« on: May 12, 2023, 09:01:11 pm »
Maybe someone can make sense of the attached VPN log file. It was captured after a reboot.
I had no Internet access after the reboot. I had to cycle off/on the VPN interface to regain Internet access.
I had no Internet access after the reboot. I had to cycle off/on the VPN interface to regain Internet access.
5
Virtual private networks / Re: OpenVPN Not Working After Reboot - Must Cycle VPN Interface After Reboot
« on: May 09, 2023, 11:57:31 pm »
I thought maybe this issue was due to the initialization order on of the interfaces on boot but they appear to be correct in a backup XML file:
</system>
<interfaces>
<lo0>
<internal_dynamic>1</internal_dynamic>
<descr>Loopback</descr>
<enable>1</enable>
<if>lo0</if>
<ipaddr>127.0.0.1</ipaddr>
<ipaddrv6>::1</ipaddrv6>
<subnet>8</subnet>
<subnetv6>128</subnetv6>
<type>none</type>
<virtual>1</virtual>
</lo0>
<lan>
<if>em1</if>
<descr/>
<enable>1</enable>
<spoofmac/>
<ipaddr>192.168.10.1</ipaddr>
<subnet>24</subnet>
</lan>
<wan>
<if>em0</if>
<descr/>
<enable>1</enable>
<spoofmac/>
<blockpriv>1</blockpriv>
<blockbogons>1</blockbogons>
<ipaddr>dhcp</ipaddr>
<dhcphostname/>
<alias-address/>
<alias-subnet>32</alias-subnet>
<dhcprejectfrom/>
<adv_dhcp_pt_timeout/>
<adv_dhcp_pt_retry/>
<adv_dhcp_pt_select_timeout/>
<adv_dhcp_pt_reboot/>
<adv_dhcp_pt_backoff_cutoff/>
<adv_dhcp_pt_initial_interval/>
<adv_dhcp_pt_values>SavedCfg</adv_dhcp_pt_values>
<adv_dhcp_send_options/>
<adv_dhcp_request_options/>
<adv_dhcp_required_options/>
<adv_dhcp_option_modifiers/>
<adv_dhcp_config_advanced/>
<adv_dhcp_config_file_override/>
<adv_dhcp_config_file_override_path/>
</wan>
<opt1>
<if>wg0</if>
<descr>BLAHVPN</descr>
<enable>1</enable>
<lock>1</lock>
<spoofmac/>
</opt1>
<wireguard>
<internal_dynamic>1</internal_dynamic>
<descr>WireGuard (Group)</descr>
<if>wireguard</if>
<virtual>1</virtual>
<enable>1</enable>
<type>group</type>
<networks/>
</wireguard>
<openvpn>
<internal_dynamic>1</internal_dynamic>
<enable>1</enable>
<if>openvpn</if>
<descr>OpenVPN</descr>
<type>group</type>
<virtual>1</virtual>
<networks/>
</openvpn>
<opt2>
<if>ovpnc1</if>
<descr>NORDVPN</descr>
<enable>1</enable>
<spoofmac/>
</opt2>
</interfaces>
</system>
<interfaces>
<lo0>
<internal_dynamic>1</internal_dynamic>
<descr>Loopback</descr>
<enable>1</enable>
<if>lo0</if>
<ipaddr>127.0.0.1</ipaddr>
<ipaddrv6>::1</ipaddrv6>
<subnet>8</subnet>
<subnetv6>128</subnetv6>
<type>none</type>
<virtual>1</virtual>
</lo0>
<lan>
<if>em1</if>
<descr/>
<enable>1</enable>
<spoofmac/>
<ipaddr>192.168.10.1</ipaddr>
<subnet>24</subnet>
</lan>
<wan>
<if>em0</if>
<descr/>
<enable>1</enable>
<spoofmac/>
<blockpriv>1</blockpriv>
<blockbogons>1</blockbogons>
<ipaddr>dhcp</ipaddr>
<dhcphostname/>
<alias-address/>
<alias-subnet>32</alias-subnet>
<dhcprejectfrom/>
<adv_dhcp_pt_timeout/>
<adv_dhcp_pt_retry/>
<adv_dhcp_pt_select_timeout/>
<adv_dhcp_pt_reboot/>
<adv_dhcp_pt_backoff_cutoff/>
<adv_dhcp_pt_initial_interval/>
<adv_dhcp_pt_values>SavedCfg</adv_dhcp_pt_values>
<adv_dhcp_send_options/>
<adv_dhcp_request_options/>
<adv_dhcp_required_options/>
<adv_dhcp_option_modifiers/>
<adv_dhcp_config_advanced/>
<adv_dhcp_config_file_override/>
<adv_dhcp_config_file_override_path/>
</wan>
<opt1>
<if>wg0</if>
<descr>BLAHVPN</descr>
<enable>1</enable>
<lock>1</lock>
<spoofmac/>
</opt1>
<wireguard>
<internal_dynamic>1</internal_dynamic>
<descr>WireGuard (Group)</descr>
<if>wireguard</if>
<virtual>1</virtual>
<enable>1</enable>
<type>group</type>
<networks/>
</wireguard>
<openvpn>
<internal_dynamic>1</internal_dynamic>
<enable>1</enable>
<if>openvpn</if>
<descr>OpenVPN</descr>
<type>group</type>
<virtual>1</virtual>
<networks/>
</openvpn>
<opt2>
<if>ovpnc1</if>
<descr>NORDVPN</descr>
<enable>1</enable>
<spoofmac/>
</opt2>
</interfaces>
6
Virtual private networks / (SOLVED)OpenVPN Not Working After Reboot - Must Cycle VPN Interface After Reboot
« on: May 07, 2023, 07:58:50 pm »
After a reboot of OPNsense 23.1.7_3-amd64 running a NordVPN using OpenVPN, my Internet is not functional. It appears that my DNS is not working because I can ping 8.8.8.8 but not www.google.com. Internet access returns if I restart the NordVPN interface.
Any suggestions?
Any suggestions?
7
22.1 Legacy Series / Re: For hire?
« on: March 07, 2022, 01:51:04 am »"DoD/NSS/DIB and their stakeholders"
That applied to me just a couple of years ago. I got out of it because my employee did not want to deal with the BS every time he went onsite and we did not want to deal with the security measures. It could all happen again and we would not be prepared.
I will ask again: Is no one hungry? I have the money.
8
22.1 Legacy Series / Re: For hire?
« on: March 07, 2022, 01:01:32 am »Where are the independents that want to make some money?
They are all too busy thinking about work/life balance. Get off of your arses and do something hard and meaningful.
I included all you mention in the email to Deciso and all I got was a coolie cutter reply.
Is no one hungry? I spent years helping people and companies to get the job done. I have made a fortune in the process. Now I am looking for someone like me from 40 years ago.
9
22.1 Legacy Series / Re: For hire?
« on: March 07, 2022, 12:55:32 am »
Where are the independents that want to make some money?
They are all too busy thinking about work/life balance. Get off of your arses and do something hard and meaningful.
They are all too busy thinking about work/life balance. Get off of your arses and do something hard and meaningful.
10
22.1 Legacy Series / Re: For hire?
« on: March 07, 2022, 12:07:29 am »
Sorry, no can do.
The National Security Agency (NSA) has released a new Cybersecurity Technical Report (CTR): Network Infrastructure Security Guidance. The report captures best practices based on the depth and breadth of experience in supporting customers and responding to threats. Recommendations include perimeter and internal network defenses to improve monitoring and access controls throughout the network.
CISA encourages network architects, defenders, and administrators to review NSA’s Network Infrastructure Security Guidance as well as CISA’s recently published Layering Network Security Through Segmentation infographic for assistance in hardening networks against cyber threats.
https://media.defense.gov/2022/Mar/01/2002947139/-1/-1/0/CTR_NSA_NETWORK_INFRASTRUCTURE_SECURITY_GUIDANCE_20220301.PDF
The National Security Agency (NSA) has released a new Cybersecurity Technical Report (CTR): Network Infrastructure Security Guidance. The report captures best practices based on the depth and breadth of experience in supporting customers and responding to threats. Recommendations include perimeter and internal network defenses to improve monitoring and access controls throughout the network.
CISA encourages network architects, defenders, and administrators to review NSA’s Network Infrastructure Security Guidance as well as CISA’s recently published Layering Network Security Through Segmentation infographic for assistance in hardening networks against cyber threats.
https://media.defense.gov/2022/Mar/01/2002947139/-1/-1/0/CTR_NSA_NETWORK_INFRASTRUCTURE_SECURITY_GUIDANCE_20220301.PDF
11
22.1 Legacy Series / Re: For hire?
« on: March 06, 2022, 10:41:33 pm »
Very likely, yes.
Where are the independents that want to make some money?
Where are the independents that want to make some money?
12
22.1 Legacy Series / Re: For hire?
« on: March 06, 2022, 10:35:34 pm »
Yes, I spoke with Deciso but did not get a warm feeling about their personal investment in my needs. I was concerned that it would be a runaround of "Sorry, that's not included in your two hours of service for $326.
13
22.1 Legacy Series / For hire?
« on: March 06, 2022, 09:19:54 pm »
Is there a list of paid assistance resources? I would like to hire someone to finish the firewall rules, Unbound recursive DNS w/blocklists, VPN to some provider such as PIA, ClamAV etc. etc. etc.
In other words, is there a reputable IT person interested in assisting a small business / personal user?
In other words, is there a reputable IT person interested in assisting a small business / personal user?
Pages: [1]