OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of nono »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - nono

Pages: [1] 2
1
General Discussion / Re: visio stencil for OPNsense hardware
« on: April 05, 2024, 09:15:18 am »
Hi Patrick,

Some constructors provide a more details stencils ( where you can pin-point to the exact port), example here on a neatgear switch :


Most of them are available on this github repo btw: https://github.com/girlpunk/VisioStencils

2
General Discussion / visio stencil for OPNsense hardware
« on: April 05, 2024, 08:46:20 am »
Dear Community,

The Deciso team confirmed me that there is no Microsoft Visio Stencil available for the OPNsense appliances.

I'm then asking the community is there is anything out there that I'm not aware of which I could use for my Visio diagram ? I guess anything with the same amount of port would do the job, (more specifically for my DEC4610 but I guess people would be happy to have the other model covered too).

Please let me (us?) know !

3
General Discussion / OpenVPN Firewall rules still there even without OpenVPN profile
« on: March 11, 2024, 03:51:12 pm »
Hi,

I'm on 23.10.2 (business edition) and I have a strange behavior.
I was using for few weeks, a OpenVPN client on my OPNSense firewall.
Since then, I've remove all the configuration related to it (nothing left except few logs) but I still have the firewall rules for a (ghost?) "OpenVPN" interface ?!

It kinda weird as I don't have any "OpenVPN" interface anymore... Out of "safety" (more for my peace of mind) I've removed all the rules, but I still have the 15 Automatically generated rules ?!

I tried to restart the appliance, but it still there. Is there anything do to to correct this as I shouldn't see this rules/interface at all, right ?

4
General Discussion / Re: ed25519-sk key type not working ?
« on: January 30, 2024, 10:55:30 am »
My bad .... I paste the wrong public key to my user access  :-[

5
General Discussion / ed25519-sk key type not working ?
« on: January 30, 2024, 10:30:48 am »
Hi Everyone,

I recently bought a security key (Yubikey/Nitrokey type) and create a new pair of ed25519-sk type.
I'm a bit surprised that I'm not able to use on a:
Quote
OPNsense 23.4.2-amd64
FreeBSD 13.1-RELEASE-p8
OpenSSL 1.1.1v 1 Aug 2023

When my "normal" ed25519 works perfectly.

Is there something I can do to allow such ssh key type ?

6
General Discussion / Re: opn-arp configuration file
« on: February 27, 2023, 01:13:34 pm »
I really appreciate the answer you all gave me.

But I tried to setup a test instance, on :
Virtualbox 6.X (Windows 10)
Virtualbox 7.X (Windows 11)
ESXi (7.X)
Vagrant (on windows 11 with Vbox 7.X)

All of those, finally end-up failling.

I know my request is unusual, but still quite simple. Could any of you, if the repo & the plugin install, send me the content of the configuration file ?
Then, it could also help someone else directly who also may need it ?

Thanks in advance !

7
General Discussion / Re: opn-arp configuration file
« on: February 27, 2023, 11:57:16 am »
Yeah, unfortunately, I have to use Windows (11, but I tried on 10 with Virtualbox 6.X, same result)

8
General Discussion / Re: opn-arp configuration file
« on: February 27, 2023, 09:58:08 am »
I actually tried to run OPNSense 22.7 (the version I have in production) on Virtualbox 6.x & 7.x, I got a panic kernel on both case ..

I don't want to use the repo, because the author clearly stated that :
Quote
Don’t use it in production environments, I only test a couple of them from time to time

Edit: I'm quite new with Vagrant but still give a try and end-up having this error about NFS :
Quote
vagrant up
Bringing machine 'default' up with 'virtualbox' provider...
It appears your machine doesn't support NFS, or there is not an
adapter to enable NFS on this machine for Vagrant. Please verify
that `nfsd` is installed on your machine, and try again. If you're
on Windows, NFS isn't supported. If the problem persists, please
contact Vagrant support.

9
General Discussion / Re: opn-arp configuration file
« on: February 27, 2023, 08:49:01 am »
Thanks @mimugmail, but it's the "Elsewhere" which bother me currently, any chance to get your/the default values ?

10
General Discussion / opn-arp configuration file
« on: February 23, 2023, 03:51:57 pm »
I was looking for an alternative of ARPWatch from PFSense and I found out OPN-ARP from the community repo here https://www.routerperformance.net/opnsense-repo/ from @mimugmail.

I would like to run this script on stand-alone mode without using the REPO (as I'm productive environment), but I can't seems to find the configuration file aside the script posted here : https://gist.github.com/mimugmail/6cee79cdf97d49b1d6fc130e79dc3fa9

Is there a chance that someone using the repo can send me the content of the following file: 
Code: [Select]
/usr/local/etc/opn-arp.conf

11
22.7 Legacy Series / Re: "Initial Connection" is taking long to load, after 2min idle
« on: January 10, 2023, 08:34:55 am »
Thanks, I'll mark the topic solved

12
22.7 Legacy Series / Re: "Initial Connection" is taking long to load, after 2min idle
« on: January 09, 2023, 03:59:12 pm »
Ok, so we made some test and indeed, using the IP is faster.

I then noticed that a "nslookup" return all the interface IP for the hostname, including the WAN (public IP) one.

I then check unbound DNS service which was listening on all interfaces, and decided to remove WAN from it.
The Public IP wasn't resolved anymore, which fix the slowness issue but still make me wonder :

Even if unbound isn't listening to WAN interface, it shoulds still resolve the IP of all interfaces, right ?

How could it be that I "remove" the WAN ip, simply by asking unbound to not listen on WAN interface ?

13
22.7 Legacy Series / Re: "Initial Connection" is taking long to load, after 2min idle
« on: January 09, 2023, 12:54:14 pm »
I'll check with them and revert, but I switch to my mobile connection (providing both v4 and v6) and I can't reproduce the issue so far.
I assume it can still be a cache issue, even though I used incognito mode.

14
22.7 Legacy Series / Re: "Initial Connection" is taking long to load, after 2min idle
« on: January 09, 2023, 11:09:31 am »
Hi Fright,

We're still experiencing the same issue, with 3 users now.
Me : no issue
Two colleagues : Having same issue and same "Initial Connection" time at ~20sec.

We all use : Same OS, Same Browser (and tested other, without plugins installed), all using the same VPN / Client and same AV version as well.

The difference would be for them to have both IPv4/IPv6 provided by their ISP when I only have IPv4. Could this be somehow a culprit ?

15
22.7 Legacy Series / Re: NAT Outbound doesn't translate IP & PORT
« on: December 20, 2022, 04:17:23 pm »
I found the solution in here : https://forum.opnsense.org/index.php?topic=19327.0
I had to ONLY have a Port Forwarding rules like follow :
Interface : WAN
Protocol: UDP
Destination: 45.2.2.2 (public ip)
Destination port: 51820
Redirect target IP: 100.127.0.10 (WAN IP)
Redirect target port: 51820

Pages: [1] 2
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2