Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - fiR3W4LL87

Pages: [1] 2

German - Deutsch / Re: Zertifikatsproblem nach Netzwerkerneuerung

« on: September 25, 2024, 08:48:47 pm »

Hoi @Patrick M. Hausen,

Du hast mir bereits sehr geholfen – vielen Dank dafür! Es hat sich tatsächlich einiges geändert, seitdem ich das letzte Mal die Zertifikate erstellt habe. In der aktuellen Version von OPNsense sind einige zusätzliche Schritte oder Angaben erforderlich, die vorher nicht notwendig waren.

Das war mir entgangen, und deshalb wusste ich nicht genau, wo ich nach dem Problem suchen sollte. Deine Frage hat mich jedoch in die richtige Richtung gelenkt. 😄

Nochmals vielen Dank für deine Unterstützung!

German - Deutsch / Re: Zertifikatsproblem nach Netzwerkerneuerung

« on: September 25, 2024, 08:31:19 pm »

Besten Dank für deine Nachricht.

Meinst du die gesamte Konfiguration, oder nur die Fehlermeldung oben ?

Freundliche Grüsse

German - Deutsch / Zertifikatsproblem nach Netzwerkerneuerung

« on: September 25, 2024, 12:11:41 am »

Hallo Zusammen,

ich habe kürzlich mein Netzwerk komplett neu aufgesetzt und dabei auch einiges vereinfacht. Vorher hatte ich über OPNsense ein Root- und ein Intermediate-Zertifikat erstellt und diese über ADGuard und NGINX für jeden Dienst separat eingerichtet.

Jetzt funktioniert es leider nicht mehr wie gewünscht. Windows zeigt mir ständig an, dass das Zertifikat nicht sicher ist. Ich stecke nun fest und kann den Fehler nicht finden. Vorhin funktionierte es einwandfrei.

Ich weiss, never Change an Running System. Das Problem es war so komplex, dass ich nicht genügend Freizeit mehr verfüge um alles zu verwalten

Wichtig zu wissen: Ich benutze nur lokale Domänen, es gibt kein Portforwarding oder Ähnliches – es geht nur um lokale Dienste.

Hat jemand eine Idee, wo das Problem liegen könnte oder was ich übersehen habe?

Danke im Voraus für eure Hilfe!

General Discussion / Re: First request takes 20sec

« on: March 28, 2024, 12:50:19 pm »

Hi Franco,

It was my mistake. I realized that I had entered the wrong setting under System -> Settings -> Domain. Consequently, the system was attempting to resolve a domain to which it had no access.

I have corrected this, and now the initial requests should be processed directly.

Please accept my apologies for my oversight, and thank you for your patience and time.

Best regards,

General Discussion / Re: First request takes 20sec

« on: March 28, 2024, 10:50:42 am »

I've noticed that too. Now, I don't really understand where the problem could be. I'm having trouble getting to the bottom of it with Wireshark; it's somehow too complicated for me. Maybe I'll just have to live with it, but it's really frustrating sometimes... That's why I thought I'd ask in the community; maybe someone else has had this issue before :

General Discussion / First request takes 20sec

« on: March 15, 2024, 08:49:44 am »

Dear Community,

I'm encountering an issue with my browser and I'm hoping to seek assistance from you all. My browser takes approximately 20 seconds to process the first request after it's launched. I'm running an OPNsense firewall and self-hosting AdGuard for DNS resolution on the Opnsense.

Interestingly, when I modify my browser's DNS settings, for example, to 1.1.1.1, requests are processed immediately upon browser startup, without the long delays.

Could you please help me troubleshoot and resolve this issue? Any assistance would be greatly appreciated!

Thank you in advance.

23.7 Legacy Series / Re: Using own CA for certificates within OPNSense . How?

« on: February 02, 2024, 03:32:46 pm »

It now works
I have the certificates signed by the root CA with a lifetime of 825.
Now it also works with domain.home

23.7 Legacy Series / Re: Using own CA for certificates within OPNSense . How?

« on: January 31, 2024, 12:09:47 am »

I started quite recently. So I can't tell you if it has a notbefor date^^ but it was created recently.
However, I have seen the posts and recreated the root and intermediate as well as the application certificate and limited it to one year.
So I don't know where the error should be.
I have under organization: none in...... and use .home as topdomain. Can this also lead to errors?

23.7 Legacy Series / Re: Using own CA for certificates within OPNSense . How?

« on: January 30, 2024, 11:54:10 pm »

Do you have 20 years in the Root and intermediate CA or just in the intermediate?
I tried this but get untrusted on ios -.-

23.7 Legacy Series / Re: Using own CA for certificates within OPNSense . How?

« on: January 30, 2024, 10:38:40 pm »

Hello together

Wanted to ask if anyone has managed to successfully integrate the certificates under Apple as Trusted?

Somehow I find it difficult to achieve this.

General Discussion / 2xOpnsense VMs Rules & best practice

« on: September 08, 2023, 11:52:32 am »

Hello people

I've been working with Opnsense for some time now and I'm pretty happy with it. I have a Qotom Machine, with 8x 2.5GB nics, Proxmox is installed on it.

What I would like to achieve, 2-3 VMs of Opnsense with the same WAN port, this was passed by Proxmox as a virtual Nic on both VMs. And the individual networks are passed through via passtrought.

Among them are 2 managed switches with preconfigured VLANS, among others the management devices, which is the only one that can access everything and adjust the configuration.

The currently I do not manage to access from LAN 1 to the IP of Opnesense 2. I also question my own goal:

Is it even possible to achieve this? Without overloading the WAN port?

If this does not generate overhead on the Nics, how can I make it so that I can communicate between LAN 1 and LAN 2. Both for management, SMB, etc.

Or should I just keep this as simple as possible and manage everything through a VM?

Could be UFS the problem? Dont think so?!

General Discussion / Re: Really slow Updates/Firmware

« on: January 24, 2023, 09:52:54 pm »

Adguard?

The rest of the System works a charm and Adguard is since more or less one week on it.

How could i resolve it?

Pages: [1] 2