Messages

Thanks Patrick, that was it.

I have three VLANs, Computer, IoT and Camera. I want to block traffic from IoT to the other VLANs.




You cannot view this attachment.




When I join the IoT network with my computer, I can still access the Computer and Camera networks. What am I doing wrong?

@Maginos
Post 5 in this thread:
https://forum.opnsense.org/index.php?topic=45483.0

This command in the terminal:
opnsense-update -ur 25.1 -A 25.1

I compiled all the instructions into a document for future use.

There can be some gotchas, like if AT&T is still enforcing EAP auth where you are. I'm not sure how common that is any more. I didn't need any certs or anything for my setup, when I did in the past (when I had the BGW210).

I am on AT&T and I'm interested in this. Would you be willing to share the instructions here or in a private message?
Thanks

I can't help you other than to say I am experiencing the same scenario. I am connected to AT&T fiber and have setup Wireguard using multiple howto's. All my configurations end with a failure to complete the handshake. My Opnsense does not show any firewall rejections. My Wireguard log only shows the instance started. No indication anywhere of what is failing as far as I can see.
Also, I am successfully using OpenVPN with the same equipment that is failing to work with Wireguard.
I will be watching this thread.

Can we only have two policies in addition to default in home subscription? I have default, vlan and vpn. If I try to add another I get a warning that I have exceeded my plan.

I guess it does not matter since I can't get the vpn interface detected.

Device mode is TUN.

Yes, I have the box checked on my openvpn server to redirect all client generated traffic through the tunnel. On my Zenarmor console I have the ovpns interface checked. But, no traffic shows on the live sessions for that interface. I do see "in" traffic on the dashboard traffic graph throughput. But no out traffic.

Is it possible to route my Openvpn traffic from my client (open vpn for android)?

If it's possible, how to configure it?

Thanks,
Terry

I have leases marked abandoned that I can't delete. I don't know why. They are set to expire, so I believe they will go away then.

A poor screenshot on my part. This is the complete screenshot.

[I have OPNsense 23.7 running on a Dell Optiplex. Unbound is configured and working with DNS over TLS.]

I have OPNsense 23.7 running on a Dell Optiplex. Unbound is configured and working with DNS over TLS.




I am getting: error: remote control failed ssl crypto error:00000000:lib(0):func(0):reason(0)




Also, I have these DHCP errors, I don't know if they are related. Probably not:





My devices all connect without issue and DNS resolves. But I would like to correct the cause of these errors.

Any help would be appreciated

I'm curious what the update schedule is for the free version of Zenarmor. My install has rules version 1.11.22050910, is this the latest?
Last update was June 3.
Thanks

[Edit: I noticed the packets I am seeing are ICMP packets, not DNS lookups.]

I have a port forward redirect rule for DNS. I can see in the logs that the rule works. However, some DNS continues to go out from the WAN, to servers that are not what I have setup in Unbound.
I am referring to the 8.8.8.8 destination in the picture.
How do I set up OPNsense to only allow the DNS server I specify?

Edit: I noticed the packets I am seeing are ICMP packets, not DNS lookups. 

My closest neighbor is nearly 1,000 feet away so it's unlikely to be her. I believe when I use the app on my phone it is changing the connection on the Alexa Echo device. I'm not sure how that happens but it's the only thing I can figure out.
I'm going to not use the phone app and see if that stops the mystery connection.