"
Is verkocht
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#3
Dutch - Nederlands / DEC3860 verkopen
February 07, 2023, 07:55:36 AM
Ik heb een DEC3860 die ik niet langer meer gebruik.
Slechts enkele maanden gebruikt. Dus in zeer goede staat.
Als iemand interesse heeft, doe dan maar een eerlijk bod.
Groetjes
Slechts enkele maanden gebruikt. Dus in zeer goede staat.
Als iemand interesse heeft, doe dan maar een eerlijk bod.
Groetjes
#4
22.1 Legacy Series / VPN + WAN failover
July 18, 2022, 07:54:25 AM
I'm using wireguard VPN and multiple WAN's.
Now, when there is a WAN failover everything works as expected. It's switching from the first WAN to the second and the VPN keeps working. The problem is when the first WAN comes back online.
It's switching back to the first WAN except that the VPN stays connected over the second WAN and won't switch back to the main WAN connection.
This causes the VPN the slow (the second WAN is much slower) until someone restarts the VPN tunnel.
How can this be resolved?
Now, when there is a WAN failover everything works as expected. It's switching from the first WAN to the second and the VPN keeps working. The problem is when the first WAN comes back online.
It's switching back to the first WAN except that the VPN stays connected over the second WAN and won't switch back to the main WAN connection.
This causes the VPN the slow (the second WAN is much slower) until someone restarts the VPN tunnel.
How can this be resolved?
#5
22.1 Legacy Series / Re: Same monitor IP for multiple WAN, why not?
July 14, 2022, 01:42:41 PM
I have just tried running the dpinger command from the cli.
It works and sends the pings out on the correct wan.
It works and sends the pings out on the correct wan.
#6
22.1 Legacy Series / Re: Same monitor IP for multiple WAN, why not?
July 14, 2022, 12:55:10 PM
By using the -B parameter to dpinger we are already binding to the right source ip/interface.
This is already happening.
It doesn't need a static route but it does add one.
It should be an easy change to allow to the reuse of the same monitoring ip.
(Just remove the check in the gui and the static routes code that it'll create)
This is already happening.
It doesn't need a static route but it does add one.
It should be an easy change to allow to the reuse of the same monitoring ip.
(Just remove the check in the gui and the static routes code that it'll create)
#7
22.1 Legacy Series / Same monitor IP for multiple WAN, why not?
July 14, 2022, 11:09:10 AM
Why is it forbidden to use the same monitor IP for multiple WAN links?
It's using dpinger internally with the -B (bind) parameter so it doesn't really need a static route. It just binds to the right interface and by doing so it should be pinging the monitor IP from the right WAN anyway.
So I do wonder why it's not allowed?
This is problematic for us because we are in a multi wan setup and when our ISP's link fail sometimes the ISP's gateway still replies to ping. The problem with the ISP is further down the route. So which monitor IP should we be using in that. case?
We wanted to ping a known stable icmp responder, like google's DNS 8.8.8.8 for all WAN links. But now we noticed that opnsense doesn't allow entering the same monitoring IP for multiple WANs.
I would like to know why it's not allowed even while it's using the -B parameter for dpinger already and/or what other options we have to monitor our 6 WANS.
It's using dpinger internally with the -B (bind) parameter so it doesn't really need a static route. It just binds to the right interface and by doing so it should be pinging the monitor IP from the right WAN anyway.
So I do wonder why it's not allowed?
This is problematic for us because we are in a multi wan setup and when our ISP's link fail sometimes the ISP's gateway still replies to ping. The problem with the ISP is further down the route. So which monitor IP should we be using in that. case?
We wanted to ping a known stable icmp responder, like google's DNS 8.8.8.8 for all WAN links. But now we noticed that opnsense doesn't allow entering the same monitoring IP for multiple WANs.
I would like to know why it's not allowed even while it's using the -B parameter for dpinger already and/or what other options we have to monitor our 6 WANS.
Pages1
