Messages

1

22.1 Legacy Series / Create local certificate via API?

« on: February 16, 2022, 01:01:46 am »

I was looking at the docs and I couldn't find anything regarding certificate (trust) when it comes to API. Is this not available in latest version and if it's not, is there any plans for the certificate management via API for the near future?

2

20.1 Legacy Series / Re: vIP wont sync on DEC4640

« on: June 29, 2020, 09:21:32 pm »

Well, I guess I'm about to find out. LOL

3

20.1 Legacy Series / Re: vIP wont sync on DEC4640

« on: June 29, 2020, 09:12:33 pm »

 That makes sense. LOL Can I use CARP IP for One-to-One NAT?

4

20.1 Legacy Series / vIP wont sync on DEC4640

« on: June 29, 2020, 08:33:37 pm »

We have 3 different locations running Deciso DEC4640 in HA configuration. Everything seems to be working fine except vIP's wont sync to slave firewall. It looks like CARP vIP's are syncing just fine but not the IP Alias'. Anyone have any idea why and how I can get it to sync up?
Thanks in advance.

5

16.1 Legacy Series / Re: Static DHCP for laptops with wired and wireless adapter

« on: April 14, 2016, 08:37:41 pm »

Just give it put 1 at the end of your hostname for your WiFi MAC.

6

16.1 Legacy Series / Re: ipsec vpn and domain access

« on: April 14, 2016, 08:33:13 pm »

First, you need to use your DC's as your DNS servers  and specify your local domain in DHCP server settings ( if DHCP is used), then you need to make sure that the firewall rules are setup correctly on both local and remote site to allow communication between networks. You can just setup any to any rules if remote network is completely trusted, I personally like to limit by only required ports even if the network is trusted.
Note: once you change your DHCP server settings, you need to renew your IP on your clients. you can do this by ipconfig /release and ipconfig /renew on Windows and for Linux you must restart the network or NetworManager services (systemctl restart network will work on most recent Linux distros).


Hope this helps a bit.

7

15.1 Legacy Series / Re: How install OpenVPN Client Export

« on: March 13, 2015, 05:22:40 pm »

Perfect, thanks, that's something to work with. I'll ponder a bit about how I can wrap this up as an easy to install test package.

Small improvement: if you need /etc/inc make it a soft-link to /usr/local/etc/inc where the include files reside now.

# ln -s /usr/local/etc/inc /etc/inc

Thanks, franco, I don't know why I didn't think about symlink to begin with, I guess I gust want it to work quickly LOL. Anyway, I'm not sure if this is a latest version or not.

8

15.1 Legacy Series / Re: How install OpenVPN Client Export

« on: March 12, 2015, 05:38:41 pm »

OK, here is what I did, login in to the OPNSense via ssh (You can use PuTTy) and run this commands.

Code: [Select]

cd /usr/local/pkg/

Code: [Select]

fetch https://packages.pfsense.org/packages/config/openvpn-client-export/openvpn-client-export.inc

Code: [Select]

fetch https://files.pfsense.org/packages/openvpn-client-export/openvpn-client-export-2.3.6.tgz

Code: [Select]

chmod 077 openvpn*

Code: [Select]

cd /usr/local/www/

Code: [Select]

fetch https://packages.pfsense.org/packages/config/openvpn-client-export/vpn_openvpn_export.php

Code: [Select]

fetch https://packages.pfsense.org/packages/config/openvpn-client-export/vpn_openvpn_export_shared.php

Code: [Select]

chmod 077 vpn_openvpn*

Code: [Select]

mkdir /etc/inc

Code: [Select]

mkdir /etc/inc/priv

Code: [Select]

cd /etc/inc/priv

Code: [Select]

fetch https://packages.pfsense.org/packages/config/openvpn-client-export/openvpnexport.inc

Code: [Select]

chmod 077 openvpnexport.inc
After this is done, you can access it by adding /vpn_openvpn_export.php in to the OS URL( for exemle https://192.168.1.1/vpn_openvpn_export.php)


I hope this will help someone else until developers implement it in to the OPNsense core or as an addon.

Source: http://www.pfsense.com/packages/config/openvpn-client-export/openvpn-client-export.xml

9

15.1 Legacy Series / Re: How install OpenVPN Client Export

« on: March 12, 2015, 05:55:59 am »

I have successfully installed it on my firewall, the only thing is that the style is little bit off but I don’t care, it saves me a lot of time. I don’t remember exactly how I did it, but I will look it up tomorrow at work and post back.

10

Hardware and Performance / Re: Hardware support for Watchguard?

« on: March 04, 2015, 06:25:07 pm »

I'm inclined to say try a stable 15.1 if you can, but 15.7 is certainly a good idea for production systems. Cheers.

I got it to run (15.7) on my Watchguard x750e on 60GB IDE HDD. Currently getting it ready for production (recreating all of the firewall rules an other configurations). The only thing is that the LCD just displaying "Booting OS" and NICs LEDs are not functioning correctly (blinking only when there is activity on that port) but thats has to do with FreeBSD and Wachguard hardware. I will fix that and report back for other people.

11

15.1 Legacy Series / Port Aliases in firewall rules

« on: February 19, 2015, 08:59:13 pm »

I have created an alias with multiple ports and when I tried to create new firewall rule, the (other) field for ports would not hint the alias or if I try to edit existing rule, (other) field is grayed out. Am I missing something or there is a bog?

12

Hardware and Performance / Re: Hardware support for Watchguard?

« on: February 12, 2015, 07:39:08 am »

Thanks franco, I guess I'll just wait for 15.7 release. BTW. I have upgraded the hardware to Intel Pentium M processor 1.73GHz, 2GB of ram and 4GB CF card. One of the Watchguard UTMs have a IDE port, so I'm guessing I can trow an SSD in to that one.  I'm so happy to see OpnSense, defiantly spreading the word.

13

Hardware and Performance / Hardware support for Watchguard?

« on: January 23, 2015, 05:12:27 am »

Just a quick quastion, would there be any support for watchguard hardware? I'm curently running two WG X750e with pfSense. It is installed on CF card and all of the LEDs and screen is working.

Thank you.