Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - waroz

Pages1

23.7 Legacy Series / Re: Random Timeout (Session TCP Dropped) - SOLVED

September 10, 2023, 03:59:39 AM

It was a strange hardware/software fault.

The internet router configured in bridge was still running at the same time DHCP4 services.
Therefore, if you go on website.tld, two things can happen:

(1) -> The traffic is ok. Nothing seems amiss.
(2) -> The distant server will observe "closed connection" with RESET. If you are capturing packets on your local machine, you will see the TCP session resurrected with a different origin, like if the connection was initiated by the router itself (and NATed by the firewall).

Of course, the live packet capture ability from Opnsense do not give much, simply stating that the outgoing connection is following the rules, so in conclusion the "resurrected TCP connection" is the normal response.

I could only deduce the problem with a traffic analysis with Wireshark.

One thing to see for example is the dropped transmission from the local side, and the answer from given with a different distant origin. It also give the false assumption that it is a DNS issue, but when seeing the dropped connection, it is not.

23.7 Legacy Series / Random Timeout (Session TCP Dropped) - SOLVED

August 30, 2023, 04:55:46 PM

Hi,

It seems that I have random timeout when I am trying to connect to some website. It works fine on google, and this website, but let's say I try yahoo or wikipedia, it will timeout.

I thought it may be a DNS issue, but a capture with wireshark showed me that I correctly get A and SOA information.

This is a PPP connection.

I need help to figure out this problem. I do not know what to do.

EDIT : I can see in the live view that connections are made to the target.

EDIT 2 : After some more tests, it seems that for some reason TCP Session are randomly dropped. I captured some packets, and yes, the distant server indicated closed connection from my firewall, weird.

French - Français / Connexion instable en bridge

July 05, 2023, 12:13:41 PM

Bonjour,

Je suis chez OVH et j'ai opnsense installé sur un PC dédié en PPP. J'ai une adresse IPv4 sans problème qui est bien réservé pour ma connexion.

Avant de passer en bridge, je n'avais aucun problème si ce n'est que mon routeur faisait du filtrage de paquets, raison pour laquelle j'ai fait la bascule.

Mais maintenant que je suis en bridge, j'ai des timeouts assez aléatoires, ou en tout cas, je vois rien de régulier se développer.

Mes symptômes sont simples, lorsque je tente d'établir une connexion vers l'extérieur je peux timeout ou pas sans aucune raison. Par exemple à 11 heures, je peux accéder à google, et 13 heures, cela ne fonctionneras plus.

J'ai pensé à un problème DNS, mais je n'ai aucun problème à résoudre les nom de domaines. Opnsense est installé sur une machine dédié, du coup je m'en remet au forum pour voir si vous auriez une solution à me proposer et si vous avez besoin de plus d'information.

Merci par avance.

Virtual private networks / Re: Can not create tunnel but can establish initial connection vpn

April 14, 2023, 08:20:52 AM

Hi, I apologise for the the late answer, I had to work on other projects. As for the vpn log, I have no answer from the vpn, I can contact the vpn (I see the connection on the vpn log), but no answer go out (which makes me go time out)

I followed the steps to make the server as described in the tutorial ( https://docs.opnsense.org/manual/how-tos/sslvpn_client.html )

Virtual private networks / Can not create tunnel but can establish initial connection vpn

February 24, 2023, 01:14:06 PM

Hello,

I am trying to setup a vpn server on my opnsense firewall. The firewall is behind the router with 192.168.1.68 ip adress. I folllowed the tutorial, but nothing works (the only difference is that I use the local database). This is a part of the logs, if you have any idea :

Code Select

2023-02-24T13:10:14	Notice	openvpn_server1	I/O WAIT TR|Tw|SR|Sw [10/0]	
2023-02-24T13:10:14	Notice	openvpn_server1	PO_CTL rwflags=0x0001 ev=9 arg=0x002b80d8	
2023-02-24T13:10:14	Notice	openvpn_server1	PO_CTL rwflags=0x0001 ev=10 arg=0x002b80d4	
2023-02-24T13:10:14	Notice	openvpn_server1	PO_CTL rwflags=0x0001 ev=11 arg=0x002b8e08	
2023-02-24T13:10:14	Notice	openvpn_server1	SCHEDULE: schedule_find_least NULL	
2023-02-24T13:10:14	Notice	openvpn_server1	MANAGEMENT: Client disconnected	
2023-02-24T13:10:14	Notice	openvpn_server1	MANAGEMENT: CMD 'quit'	
2023-02-24T13:10:14	Notice	openvpn_server1	I/O WAIT status=0x0040	
2023-02-24T13:10:14	Notice	openvpn_server1	event_wait returned 1	
2023-02-24T13:10:14	Notice	openvpn_server1	PO_WAIT[2,0] fd=12 rev=0x00000001 rwflags=0x0001 arg=0x002b80d8	
2023-02-24T13:10:14	Notice	openvpn_server1	I/O WAIT TR|Tw|SR|Sw [10/0]	
2023-02-24T13:10:14	Notice	openvpn_server1	PO_CTL rwflags=0x0001 ev=12 arg=0x002b80d8	
2023-02-24T13:10:14	Notice	openvpn_server1	PO_CTL rwflags=0x0001 ev=10 arg=0x002b80d4	
2023-02-24T13:10:14	Notice	openvpn_server1	PO_CTL rwflags=0x0001 ev=11 arg=0x002b8e08	
2023-02-24T13:10:14	Notice	openvpn_server1	SCHEDULE: schedule_find_least NULL	
2023-02-24T13:10:14	Notice	openvpn_server1	I/O WAIT status=0x0080	
2023-02-24T13:10:14	Notice	openvpn_server1	event_wait returned 1	
2023-02-24T13:10:14	Notice	openvpn_server1	PO_WAIT[2,0] fd=12 rev=0x00000004 rwflags=0x0002 arg=0x002b80d8	
2023-02-24T13:10:14	Notice	openvpn_server1	I/O WAIT TR|Tw|SR|Sw [10/0]	
2023-02-24T13:10:14	Notice	openvpn_server1	PO_CTL rwflags=0x0002 ev=12 arg=0x002b80d8	
2023-02-24T13:10:14	Notice	openvpn_server1	PO_CTL rwflags=0x0001 ev=10 arg=0x002b80d4	
2023-02-24T13:10:14	Notice	openvpn_server1	PO_CTL rwflags=0x0001 ev=11 arg=0x002b8e08	
2023-02-24T13:10:14	Notice	openvpn_server1	SCHEDULE: schedule_find_least NULL	
2023-02-24T13:10:14	Notice	openvpn_server1	MANAGEMENT: CMD 'status 2'	
2023-02-24T13:10:14	Notice	openvpn_server1	I/O WAIT status=0x0040	
2023-02-24T13:10:14	Notice	openvpn_server1	event_wait returned 1	
2023-02-24T13:10:14	Notice	openvpn_server1	PO_WAIT[2,0] fd=12 rev=0x00000001 rwflags=0x0001 arg=0x002b80d8	
2023-02-24T13:10:14	Notice	openvpn_server1	I/O WAIT TR|Tw|SR|Sw [10/0]	
2023-02-24T13:10:14	Notice	openvpn_server1	PO_CTL rwflags=0x0001 ev=12 arg=0x002b80d8	
2023-02-24T13:10:14	Notice	openvpn_server1	PO_CTL rwflags=0x0001 ev=10 arg=0x002b80d4	
2023-02-24T13:10:14	Notice	openvpn_server1	PO_CTL rwflags=0x0001 ev=11 arg=0x002b8e08	
2023-02-24T13:10:14	Notice	openvpn_server1	SCHEDULE: schedule_find_least NULL	
2023-02-24T13:10:14	Notice	openvpn_server1	I/O WAIT status=0x0080	
2023-02-24T13:10:14	Notice	openvpn_server1	event_wait returned 1	
2023-02-24T13:10:14	Notice	openvpn_server1	PO_WAIT[2,0] fd=12 rev=0x00000004 rwflags=0x0002 arg=0x002b80d8	
2023-02-24T13:10:14	Notice	openvpn_server1	I/O WAIT TR|Tw|SR|Sw [10/0]	
2023-02-24T13:10:14	Notice	openvpn_server1	PO_CTL rwflags=0x0002 ev=12 arg=0x002b80d8	
2023-02-24T13:10:14	Notice	openvpn_server1	PO_CTL rwflags=0x0001 ev=10 arg=0x002b80d4	
2023-02-24T13:10:14	Notice	openvpn_server1	PO_CTL rwflags=0x0001 ev=11 arg=0x002b8e08	
2023-02-24T13:10:14	Notice	openvpn_server1	SCHEDULE: schedule_find_least NULL	
2023-02-24T13:10:14	Notice	openvpn_server1	MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock

On the remote side (windows with openvpn), it only shows poll timout.

Pages1