1
23.1 Legacy Series / Re: Configuring 'Virtual Addr' for multiple OpenVPN instances
« on: March 16, 2023, 08:24:09 pm »
Bump for this, hoping someone has an idea about it!
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
2
23.1 Legacy Series / Configuring 'Virtual Addr' for multiple OpenVPN instances
« on: March 09, 2023, 09:52:54 am »
Hi all,
I'm using OPNsense 23.1.1_2-amd64 and built-in OpenVPN client to connect to multiple (3 in this case) VPN server instances.
This all works very well but occasionally, when any one of the client instances restarts (manually or automatically) it will pick up a 'Virtual Addr' on the same subnet as another running instance. This means that no traffic will flow until the service is restarted enough times to pick up a local IP on a different subnet.
The IP ranges appear to be constrained to:
10.8.0.0/24
10.8.1.0/24
10.8.2.0/24
10.8.3.0/24
But I can't find a way to force a particular connection to only use Virtual Addr/Local IPs from a specific subnet.
Does anyone have any ideas? Happy to provide screenshots/more info if it would help.
I'm using OPNsense 23.1.1_2-amd64 and built-in OpenVPN client to connect to multiple (3 in this case) VPN server instances.
This all works very well but occasionally, when any one of the client instances restarts (manually or automatically) it will pick up a 'Virtual Addr' on the same subnet as another running instance. This means that no traffic will flow until the service is restarted enough times to pick up a local IP on a different subnet.
The IP ranges appear to be constrained to:
10.8.0.0/24
10.8.1.0/24
10.8.2.0/24
10.8.3.0/24
But I can't find a way to force a particular connection to only use Virtual Addr/Local IPs from a specific subnet.
Does anyone have any ideas? Happy to provide screenshots/more info if it would help.
3
22.1 Legacy Series / Re: Web Proxy advice
« on: July 13, 2022, 10:00:06 pm »
Bump back to the front page. Anyone have any ideas?
4
22.1 Legacy Series / Web Proxy advice
« on: July 12, 2022, 01:16:41 pm »
Hey all,
I have no doubt that this is a misconfiguration on my part somewhere, but I cannot get the simple Web Proxy to work on my installation of OPNsense (OPNsense 22.1.10-amd64).
To my knowledge I've not changed anything from the defaults but, even when the proxy is enabled and the service is running, I cannot connect to it. It is set to listen on all internal interfaces on port 3128, but telnet to that port fails.
In terms of log information, the cache and store logs have nothing of note but the access log has the following lines:
2022-07-12T12:03:20 Alert (squid-1) FATAL: mimeLoadIcon: cannot parse internal URL: http://opnsense.address:0/squid-internal-static/icons/silk/image.png
2022-07-12T12:03:20 Alert (squid-1) FATAL: mimeLoadIcon: cannot parse internal URL: http://opnsense.address:0/squid-internal-static/icons/silk/image.png
2022-07-12T12:03:19 Alert (squid-1) FATAL: mimeLoadIcon: cannot parse internal URL: http://opnsense.address:0/squid-internal-static/icons/silk/image.png
2022-07-12T12:03:19 Alert (squid-1) FATAL: mimeLoadIcon: cannot parse internal URL: http://opnsense.address:0/squid-internal-static/icons/silk/image.png
2022-07-12T12:03:18 Alert (squid-1) FATAL: mimeLoadIcon: cannot parse internal URL: http://opnsense.address:0/squid-internal-static/icons/silk/image.png
2022-07-12T12:03:18 Alert (squid-1) FATAL: No HTTP, HTTPS, or FTP ports configured
(Actual OPNsense device address obfuscated).
I'd really appreciate any pointers. It hasn't worked since a fresh installation when I moved over from pfSense. My installation of pfSense seemed to work with very little configuration, so I wonder whether the Squid module needs to be removed and reinstalled.
I have no doubt that this is a misconfiguration on my part somewhere, but I cannot get the simple Web Proxy to work on my installation of OPNsense (OPNsense 22.1.10-amd64).
To my knowledge I've not changed anything from the defaults but, even when the proxy is enabled and the service is running, I cannot connect to it. It is set to listen on all internal interfaces on port 3128, but telnet to that port fails.
In terms of log information, the cache and store logs have nothing of note but the access log has the following lines:
2022-07-12T12:03:20 Alert (squid-1) FATAL: mimeLoadIcon: cannot parse internal URL: http://opnsense.address:0/squid-internal-static/icons/silk/image.png
2022-07-12T12:03:20 Alert (squid-1) FATAL: mimeLoadIcon: cannot parse internal URL: http://opnsense.address:0/squid-internal-static/icons/silk/image.png
2022-07-12T12:03:19 Alert (squid-1) FATAL: mimeLoadIcon: cannot parse internal URL: http://opnsense.address:0/squid-internal-static/icons/silk/image.png
2022-07-12T12:03:19 Alert (squid-1) FATAL: mimeLoadIcon: cannot parse internal URL: http://opnsense.address:0/squid-internal-static/icons/silk/image.png
2022-07-12T12:03:18 Alert (squid-1) FATAL: mimeLoadIcon: cannot parse internal URL: http://opnsense.address:0/squid-internal-static/icons/silk/image.png
2022-07-12T12:03:18 Alert (squid-1) FATAL: No HTTP, HTTPS, or FTP ports configured
(Actual OPNsense device address obfuscated).
I'd really appreciate any pointers. It hasn't worked since a fresh installation when I moved over from pfSense. My installation of pfSense seemed to work with very little configuration, so I wonder whether the Squid module needs to be removed and reinstalled.
5
22.1 Legacy Series / Re: WAN interface flapping with 22.1.2
« on: March 10, 2022, 10:40:06 am »
Further to my post above, I've since (as a result of an error during the nginx plugin install) seen a crash report.
Of interest is the dmesg.boot log:
Hope this is useful information!
Of interest is the dmesg.boot log:
Code: [Select]
rpresolve: can't allocate llinfo for <WAN_Gateway_IP> on igb3
arpresolve: can't allocate llinfo for <WAN_Gateway_IP> on igb3
arpresolve: can't allocate llinfo for <WAN_Gateway_IP> on igb3
igb3: link state changed to UP
arpresolve: can't allocate llinfo for <WAN_Gateway_IP> on igb3
igb3: link state changed to DOWN
arpresolve: can't allocate llinfo for <WAN_Gateway_IP> on igb3
arpresolve: can't allocate llinfo for <WAN_Gateway_IP> on igb3
arpresolve: can't allocate llinfo for <WAN_Gateway_IP> on igb3
arpresolve: can't allocate llinfo for <WAN_Gateway_IP> on igb3
arpresolve: can't allocate llinfo for <WAN_Gateway_IP> on igb3
arpresolve: can't allocate llinfo for <WAN_Gateway_IP> on igb3
arpresolve: can't allocate llinfo for <WAN_Gateway_IP> on igb3
igb3: link state changed to UP
arpresolve: can't allocate llinfo for <WAN_Gateway_IP> on igb3
igb3: link state changed to DOWNHope this is useful information!
6
22.1 Legacy Series / Re: WAN interface flapping with 22.1.2
« on: March 09, 2022, 11:42:08 am »
Just created a forum account to report this too.
I had upgraded to 22.1.2_1 a few days ago and had not seen any real issues.
However when I enabled IPS last night I immediately started seeing the WAN interface start flapping (going up and down, together with the CPU usage continuously going from 0-100% and back again).
I switched off IPS and rebooted the router but this did not resolve the issue.
I had to revert to the previous version using
Immediately after reverting the WAN connection went stable again. I should mention that I am using MAC spoofing.
I had upgraded to 22.1.2_1 a few days ago and had not seen any real issues.
However when I enabled IPS last night I immediately started seeing the WAN interface start flapping (going up and down, together with the CPU usage continuously going from 0-100% and back again).
I switched off IPS and rebooted the router but this did not resolve the issue.
I had to revert to the previous version using
Code: [Select]
opnsense-revert -r 22.1.1 opnsense - thanks to a poster further up this thread for that!Immediately after reverting the WAN connection went stable again. I should mention that I am using MAC spoofing.
Pages: [1]