Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - FredsterNL

#1
Hi Dseven,

My issue is that I don't get the correct reply:

When I PING OPNSENSE.MY.DOMAIN I should get back 192.168.1.10

Instead I am getting results 192.168. 20.1 or 192.168.30.1 and even the IP from my WAN interface...

I don't get back the correct IP for the OPNsense management interface... I don't want the VLANs' interface address to respond at all: My laptop is on the same LAN as OPNSENSE.MY.DOMAIN)

Why are VLANs interface IP'S (The static IP specified when creating the VLAN) and my WAN IP  claiming to be OPNSENSE.MY.DOMAIN (Which is 192.168.1.10)
#2
Hi all,

I ran into a small problem and have no idea how to solve it:

My OPNsense configured for a static IP address, for example: 192.168.1.10 and hostname opnsense.my.domain. My laptop is on the main LAN on 192.168.1.19 (obtained via DHCP)

I also have a couple of VLAN interfaces configured with a static IP:
VLAN 20:  192.168.20.1
VLAN 30:  192.168.30.1

The issue I run into is that when I PING my OPNsense (Running latest from my laptop, I see this:

ping opnsense.my.domain

Pinging opnsense.my.domain (192.168.30.1) with 32 bytes of data
Reply from 192.168.30.1 time=9ms
Reply from 192.168.30.1 time=10ms
Reply from 192.168.30.1 time=10ms
Reply from 192.168.30.1 time=9ms
Packets sent = 4, Packets received = 4, No packets lost

Note that my OPNsense IP actually is 192.168.1.10 (Not 192.168.30)

When I flush my DNS (Unbound) with IPCONFIG /FLUSHDNS I get:

Pinging opnsense.my.domain (192.168.20.1) with 32 bytes of data
Reply from 192.168.20.1 time=10ms
Reply from 192.168.20.1 time=11ms
Reply from 192.168.20.1 time=10ms
Reply from 192.168.20.1 time=9ms
Packets sent = 4, Packets received = 4, No packets lost

When I flush DNS again, sometimes even my WAN interface responds:

Pinging opnsense.my.domain (31.x.y.z) with 32 bytes of data
Reply from 31.x.y.z time=11ms
Reply from 31.x.y.z time=11ms
Reply from 31.x.y.z time=10ms
Reply from 31.x.y.z1 time=9ms
Packets sent = 4, Packets received = 4, No packets lost

Any idea what is causing this and how to correct it?

Any help is greatly appreciated!

Fred


#3
Quote from: meyergru on November 27, 2024, 10:33:09 AMExcuse me for using this german proverb, but do not fall for: "Operative Hektik ersetzt geistige Windstille".

Great proverb, I gotta remember than one :)
#4
Hi,

Tried both suggestions, thank you, but nothing worked...

I reimaged the USB stick several times (Using DD from an Ubuntu PC), but still no difference.

Out of options I reimaged the USB stick from a Windows laptop with Rufus to write the image, which DID make a change: Now I got booted into the live image correctly and could start the installation process :)

Thanks again for your suggestions!
#5
Hi all,

I am trying to reinstall my DEC750 ((Currently running 24.7_2) via serial console (Connected via the Mini USB, COM6 serial, 115200, 8N1) and a USB stick with the serial image.

Using Putty or MobaXterm I am able to go into the BIOS and set the UART 0 legacy option to DISABLED and select the USB image to boot, but then get stuck on a menu that simply does not accept any input from keyboard.

Any advice on how to solve this particular issue?
#6
Zenarmor (Sensei) / Re: ZenArmor issue after 24.7.8
November 16, 2024, 01:42:41 AM
Quote from: IHK on November 13, 2024, 02:16:39 PM
This does not affect Zenarmor operations.
The team is working on the issue, and it will be resolved shortly.

Good to hear @IHK

Would it be possible to include a description of what went wrong and how it was solved?

The trigger was clear: the upgrade to 24.7.8 started the erors from appearing.

Is this only happening to paying customers or also others using the free version?
#7
Zenarmor (Sensei) / Re: ZenArmor issue after 24.7.8
November 12, 2024, 04:07:27 PM
After a complete removal and reinstall, I have not received any error emails thusfar, so whatever the cause is, it seems to be solved by reinstalling.

Edit 13 Nov.:

Still no new alert messages after reinstall. No idea if the issue is being investigated by ZenArmor or not, but this could be a workaround it seems.


#8
Zenarmor (Sensei) / Re: ZenArmor issue after 24.7.8
November 12, 2024, 12:15:43 AM
Hi,

As I kept getting more emails, I decided to reinstall ZenArmor from scratch.

Several hours ago now, and so far no new emails....

Will check back tomorrow or earlier if mails start again.
#9

I think there should also be some 'crowdfunding' possibility...

Is a facility set up where users that want to show their appreciation can deposit a financial 'thank you'?
#10
Zenarmor (Sensei) / Re: ZenArmor issue after 24.7.8
November 10, 2024, 12:53:15 AM
Thanks, keep us posted pls

there must be more users with this problem...

Do you have a license like I do? possibly only paying customers get the email? Dunno...
#11
General Discussion / Re: Configuration backups
November 09, 2024, 11:27:26 AM
Quote from: Patrick M. Hausen on November 08, 2024, 08:30:04 AM
You can configure a daily upload to Nextcloud or a Git repo.

Hi Patrick,

I did see those two options and actually ran NextCloud for a while, but found it to be messy and confusing.

I would like to simply get an email with attachment to my own email service (not being Google)
#12
I get these as well regularly, but if it is an attack:

The attacker is flooding your system starting connections, but leaving the session hanging halfway, leaving the firewall waiting for the other side to finish building the connection. Do this from a single address (DOA) or multiple addresses (DDOS).

That being said: I don't actually believe ZA is detecting this properly, as this type of attack to home firewall (in my case) correctly. Why would an attacker SynFlood random users?

The number of 'me too' messages makes me thing ZA is a bit trigger happy maybe?
#13
AI in the back end?

Is it already done wrecking the front end, or just branching out?

Yuk (And I say that in a very positive way, Franco  ::) )
#14
Zenarmor (Sensei) / ZenArmor issue after 24.7.8
November 09, 2024, 12:46:32 AM
Hi all,

After upgrading yesterday I am getting the following alerts in my email from ZenArmor (paid version)

Time  Priority  Category  Firewall  Title  Message
2024-11-08 23:16:24 UTC  err  IPDRStreamer  MyHost (MyHost.my.domain)  ipdr.(*IPDRDirectoryReader).listen.func2.1  Local Insert Error: ES Return Code 400 local insertion error

Sometimes I get 2 of the same error in the same email

Not exactly inundated by emails (got 3 or 4 now), but....

Anyone an idea what is going? No errors during installation of 24.7.8, kernal update and boot was fine as well. No other changes have been done.

Edit: firewall seems to working normally otherwise, with ZenArmor to be an exception
#15
General Discussion / Configuration backups
November 08, 2024, 05:41:28 AM
Hi all,

I wonder if there are ways to easily create daily backup of the complete configuration and get it mailed (encrypted optionally) to a generic mail service (Not Google, they got enough data  :o )

Are there any solutions already available or any plans to add functionality in the web GUI?