Messages - lmnsour

#1
General Discussion / Re: PortFWD Broken
August 02, 2025, 08:23:48 PM
Ok, got UPnP working on both computers but can't join a game on Destiny 2 on the same network (two different accounts).

I used this guide to set up:

https://www.youtube.com/watch?v=g5EJYVnpmlM&t=600s

Didn't work.

I've seen a few posts on getting Destiny 2 to work on the same network but nothing worked for me. 
#2
General Discussion / Re: PortFWD Broken
August 01, 2025, 12:33:54 PM
Quote from: Patrick M. Hausen on August 01, 2025, 10:30:58 AM
When you cloned the original rules does that mean there are now two rules for the same port but two different devices? I assume on WAN inbound? That doesn't work. You can only have one destination device for each port.

Yes. 

Begs the question, how do I enable port fwd'ing for multiple devices?  Should I just use the UPnP plugin?
#3
General Discussion / PortFWD Broken
August 01, 2025, 05:18:46 AM
Background: Haven't messed with the configuration for over a year.  I set up port forwarding for Steam ports for my desktop and it was working last I checked (over a year ago).  Again, I haven't messed with it since.


This week I cloned all the port forward rules to add a laptop.  My son was trying to connect with a friend but kept getting a connection error, so I checked to see if the ports were forwarding but alas, neither the laptop nor desktop are able to fwd any of the ports.


I've set up port forwarding rules in the Windows Firewall, enabled Allow Edge Traversal, I don't have antivirus (just Defender) on my Desktop and I have Avast on my laptop.

I've checked and double checked all the port fwd rules, I have Reflection for port forwards Enabled and Automatic outbound NAT for Reflection Enabled.

The Interface is a LANBridge.
#4
Tried a different USB and it worked.  The other drive must be buggered.
#5
Keep getting an error trying to install OPNsense on a new Alder Lake (Intel 1265U) Firewall PC.

Downloaded the latest version (vga) and used Rufus to mount on USB.

Installing on a 58GB Intel Optane drive.
#6
General Discussion / Re: Microsoft Broken
March 16, 2023, 09:28:43 PM
Quote from: pmhausen on March 08, 2023, 01:22:36 PM
Quote from: lmnsour on March 06, 2023, 06:04:39 PM
How do I go about fixing these.
Sorry, no idea. I do not mess with Microsoft products talking to Microsoft, Apple products talking to Apple, etc. If I was concerned I would not be running Windows, plain and simple.

Keeping systems maintained and up to date is far more important from a security standpoint.

Kind regards
Patrick

This issue for me is with the Firewall rule that re-directs all DNS queries to OPNsense. Microsoft doesn't like this for some reason. Again, I think it can be fixed / configured under System -> Trust -> Authorities / Certificates but I'm still reading up on how to set this up for Microsoft.

In the meantime, I manually set my DNS on my computer and disabled the Firewall rule.
#7
General Discussion / Re: Microsoft Broken
March 06, 2023, 06:04:39 PM
Quote from: pmhausen on March 06, 2023, 08:47:18 AM
You will need to refresh the client's DHCP lease, so it picks up the new DNS settings. Also check your DHCP configuration for explicitly specified DNS servers. If you disable Unbound, it cannot serve clients.
Ahh, yeah I figured.

I'm just using the Cloudflare DNS servers over TLS but I have a firewall rule to route all DNS queries to the firewall.  I think this is what broke MS downloads / MS sites.

How do I go about fixing these.  I saw a thread about adding MS certs to the Authorities but it wasn't clear and I don't want to bugger anything up without first getting more info.
#8
General Discussion / Re: Microsoft Broken
March 06, 2023, 08:29:43 AM
Quote from: lmnsour on March 05, 2023, 08:24:54 PM
I disabled Unbound DNS and reconfigured OPNSENSE settings for the DNS server and nothing worked.  Had to re-enable Unbound DNS to get connection back.

So if I disable Unbound DNS and disable the DNS over TLS, then manually put the DNS servers into System -> Settings -> General, I get no connection at all.

Did something get corrupted?
#9
General Discussion / Re: Microsoft Broken
March 05, 2023, 08:24:54 PM
I disabled Unbound DNS and reconfigured OPNSENSE settings for the DNS server and nothing worked.  Had to re-enable Unbound DNS to get connection back.
#10
General Discussion / Microsoft Broken
March 04, 2023, 07:45:13 PM
For some reason I can't connect with Microsoft sites or any updates.  Answers.microsoft.com doesn't work and can't connect to Microsoft update servers.

How do I troubleshoot this?

I disabled Suricata, ZenArmor, and Unbound DNS. 

Currently I have Unbound DNS connected to Cloudflare DNS over TLS.

I have a firewall rule to route all DNS queries through OPNSENSE.  Until about a week ago, I didn't have any issues so maybe this is from a recent update?
#11
General Discussion / DNS over TLS Setup help
December 09, 2022, 12:48:16 AM
Trying to set up DNS over TLS with Cloudflare but the Unbound DNS service won't start.

Kids are doing a lot of school work online and I'm trying to set up parental controls (CloudFlare 1.0.0.3) and would appreciate the help.
#12
Quote from: sy on November 24, 2022, 09:50:38 PM
Hi,

Are you planning to bridge interfaces in OPNsense first? You can only select 2 interfaces on Zenarmor GUI in bridge configuration.

Yes, I bridged three LAN ports.  Are you saying I can only apply a policy to two of these ports?
#13
Quote from: lmnsour on November 24, 2022, 09:25:32 PM
I was thinking that. I'll try it tonight, thanks.

So I created two pipes, both at full bandwidth (300Mbps) and two queues; one with a weight of 100 and the other with the weight of 50. 

For rules, I made a rule for my PC IP address (for the 100 weight queue) and the second rule I used the inverted function "Not the PC IP".

Seems to be working.
#14
I was thinking that. I'll try it tonight, thanks.
#15
Quote from: pmhausen on November 24, 2022, 08:26:29 AM
No. If you build a LAN bridge you have only a single LAN interface. You turn all ports that are members of the bridge into a switch. Switch is just a fancy word for bridge.

So you can either use static assignments  in your DHCP config and the IP addresses to identify clients or the clients' MAC addresses where possible. Firewall rules for example permit this.

Shaper rules don't have the ability to use MAC as destination or source.  I don't see how I can create a policy for just one PC.