Messages - Madifor

#1
Reachability of LAN/WAN was related to firewall settings; the only issue remaining is that I get disconnected without any reason.
#2
Currently I have the OpenVPN server configuration under the legacy part configured and working without any issue.
Trying to figure out how to migrate from legacy -> instance...

I am able to configure an OpenVPN server instance, but the clients connected to it keep getting disconnected.
When trying to connect, after approx. 45 seconds the client gets disconnected, and even in this period I am not able to reach anything on the LAN side.

Why is this happening / what am I missing?

Is anybody having the same issue (running OPNsense version 25.1.2)?
#3
24.7, 24.10 Legacy Series / openvpn connectivity issues
November 07, 2024, 01:46:37 PM
I am unable to get a site-to-site configuration to work, either with OPNsense with OpenVPN on both sides (one side server and the other side client) or with an OPNsense OpenVPN server on one side and a third-party OpenVPN client on the other. However, I have to note that as soon as I can import the .ovpn file (into the OpenVPN client software/app), all is working fine, meaning that the issue is most likely at the OpenVPN client side, where I can't figure out the correct parameters to connect to an OpenVPN server...

Does anybody have a clue how this can be fixed?

Regards
#4
On the destination device (Asus router), I can't create a user-based .ovpn file, just a general one.
From the OpenVPN config page (of this router) I am able to get the CA certificate and the private key... but that, as said, is not user-specific... selected this peer CA...
When enabling the config it gets to a waiting state... can't get any further. It is definitely a mismatch with the .ovpn file which is normally used by the OpenVPN client... When I use this file on a Windows client or the OpenVPN client on my phone, I get connected without any issues.
#5
I am working on replacing a SOHO router with an OPNsense router/firewall... The problem I have at this moment is configuring the OpenVPN client section correctly to connect to the OpenVPN server.

In the previous setup it was an easy job, by just importing the .ovpn file from the remote OpenVPN server; currently I am stuck configuring this under the OpenVPN client section in OPNsense...

The .ovpn file has the CA certificate and of course the various options.

Any help is appreciated.

Regards

eddy
#6
I need to set up an OpenVPN (client) connection from an OPNsense system in order to reach the network behind it.
Previously the connection was set up via a SOHO router that had the option to import the .ovpn file.
Who has a good guide for achieving this in OPNsense as well?
#7
When Zenarmor is in routed mode, I don't see any outgoing traffic values, for example in (menu: Reporting - Traffic).
When it is in transparent mode all is fine. Is there a setting (except the Zenarmor deployment mode) which needs to be changed to get this back?

Regards

eddy
#8
Maybe this has been asked previously (or is not even possible)...

When I do an nslookup <ip address> against the local DNS (Unbound DNS) server, I am not getting the aliases.
How can this be achieved?

Regards

eddy
#9
Did you have to export the profile again...

I also have the same issue that all traffic is forced to the OpenVPN server and not only the defined local networks.
#10
Not able to separate internet traffic from traffic that has to go to the VPN server and also reach the local DNS entries.

As OpenVPN client I am using OpenVPN Connect (under Windows), but the behaviour described below seems to be the same using the OpenVPN client app on iOS devices.
Steps done:

Configured under VPN-OpenVPN-Instances a configuration for the OpenVPN server.

The following options are configured:
Type   -> TUN.
Server   -> 10.11.a.b/24 subnet.
Topology -> subnet

Created a certificate for the OpenVPN server under a self-signed CA.

Defined the Local Network which has to be pushed to the connected client(s).

Under Miscellaneous:

Register DNS selected
DNS server -> IP of OpenVPN server

With nothing configured for the option(s) Push Options & Redirect Gateway, the DNS server IP is not pushed to this client.

When checking the routing table at the client side I see the default route 0.0.0.0/0 -> default gw client,
but I don't see an entry for the defined Local Network.

When changing the Redirect Gateway parameter: Default ..

The only change then is that a new entry is created in the routing table:

Subnet 0.0.0.0, subnet mask 128.0.0.0 with IP of VPN server as gateway

Internet is normally accessible... remote IPs still can't be reached.

Still no route to the local network.

When also configuring Push Options -> "push register-dns"

no changes in the routing table, but the funny thing is the "local network" can now be reached.

The DNS Overrides (which are needed to be able to reach the internal websites) can now also be used, pointing to IPs of hosts on the local network. But now all traffic is pushed through the VPN server, something I don't want.

I want all traffic which is not intended for the Local subnet(s) to go out via the local internet gateway..

What am I doing wrong?
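
Added example, not part of the original post: a small Python check that classifies a client routing table as full tunnel or split tunnel and reports how each pushed local network would be routed, using longest-prefix match. Every address and the `192.168.50.0/24` local network are constructed placeholders; the `0.0.0.0/1` plus `128.0.0.0/1` pair is the form OpenVPN's `redirect-gateway def1` installs.

```python
import ipaddress

# Constructed sample values (assumptions, not taken from the post).
VPN_GW, LAN_GW, LOCAL_NET = "10.11.0.1", "192.168.1.1", "192.168.50.0/24"
BASE = [("0.0.0.0", "0.0.0.0", LAN_GW), ("10.11.0.0", "255.255.255.0", VPN_GW)]
NO_REDIRECT = BASE
REDIRECT_DEF1 = BASE + [("0.0.0.0", "128.0.0.0", VPN_GW),
                        ("128.0.0.0", "128.0.0.0", VPN_GW)]
SPLIT = BASE + [("192.168.50.0", "255.255.255.0", VPN_GW)]

def parse_routes(rows):
    """rows: (destination, netmask, gateway) as listed by the client's route table."""
    return [(ipaddress.ip_network(f"{d}/{m}"), gw) for d, m, gw in rows]

def best_route(routes, target):
    """Longest-prefix match: the most specific route covering target, or None."""
    target = ipaddress.ip_network(target)
    covering = [(n, gw) for n, gw in routes if target.subnet_of(n)]
    return max(covering, key=lambda r: r[0].prefixlen, default=None)

def tunnel_report(rows, vpn_gw, local_nets):
    routes = parse_routes(rows)
    via_vpn = {n for n, gw in routes if gw == vpn_gw}
    halves = {ipaddress.ip_network("0.0.0.0/1"), ipaddress.ip_network("128.0.0.0/1")}
    # Full tunnel: the VPN gateway owns the default route or both /1 halves.
    full = ipaddress.ip_network("0.0.0.0/0") in via_vpn or halves <= via_vpn
    report = {"full_tunnel": full, "local": {}}
    for net in local_nets:
        hit = best_route(routes, net)
        if hit is None:
            status = "no route"
        elif hit[1] != vpn_gw:
            status = "via local gateway"          # traffic never enters the tunnel
        elif hit[0].prefixlen <= 1:
            status = "via VPN (catch-all only)"   # reachable only because of full tunnel
        else:
            status = "via VPN (specific route)"   # what a split tunnel should show
        report["local"][net] = status
    return report

if __name__ == "__main__":
    for name, table in (("no redirect", NO_REDIRECT),
                        ("redirect def1", REDIRECT_DEF1), ("split", SPLIT)):
        print(name, tunnel_report(table, VPN_GW, [LOCAL_NET]))
```

A split tunnel is the state where `full_tunnel` is false and every local network reports a specific route via the VPN gateway.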

#11
Checked which version is in use when the browser accesses the GUI, and I see it is using TLS 1.3, so that should be sufficient. So I don't know where the error message is coming from; unfortunately, from the log files I am not getting any more details...

#12
After the upgrade I see the following error message in the log file "system/log files/webgui":

usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.76/src/mod_openssl.c.3510) SSL: 1 error:0A000102:SSL routines::unsupported protocol (<client ip>).

Please advise.

Regards

#13
24.7, 24.10 Legacy Series / Issue with ftp-proxy
July 27, 2024, 12:07:07 PM
Since the upgrade, I can't use ftp-proxy any longer.
Can't start the service, and when trying to (re-)configure the service I get the following error message:
"Unexpected error, check log for details". Which log do I need to check to see why it is not working?

This happens when a configuration exists.

Performed a full reinstall of OPNsense; without the ftp-proxy config I am able to access the GUI.
As soon as I tried to enter the configuration again, the error message is back.
#14
I found 2 issues so far:
FTP Proxy can't be reconfigured, I am getting an error.
When checking the GUI log files I notice an issue with the SSL module(s)...

2024-07-26T11:15:30   Error   lighttpd   (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.76/src/mod_openssl.c.3510) SSL: 1 error:0A00018C:SSL routines::version too low    
2024-07-26T11:15:30   Error   lighttpd   (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.76/src/mod_openssl.c.3510) SSL: 1 error:0A000102:SSL routines::unsupported protocol
#15
Sorry guys, I am in the wrong forum...
All my issues are related to the 24.1.x version and not 24.7, sorry for that. Not sure if a moderator can move it to the correct one?