Messages - dusky

#1
25.1, 25.4 Series / Re: open port 2000 and 5060
February 27, 2025, 12:46:34 PM
I have 2 gateways in my network - I scanned from the second one to the external address of the OPNsense. I tried scanning from home, but it didn't find any open ports. The topic can be closed.
#2
25.1, 25.4 Series / open port 2000 and 5060
February 20, 2025, 09:11:11 AM
Hello everyone! I scanned my external IP address of OPNsense with Nmap and found 2 open ports, namely 2000 and 5060. Firewall rules are all default, only the port of WireGuard was added. Nothing is installed from plugins, except for Zabbix agent and dark theme. What services could open them?
#3
24.7, 24.10 Series / Re: wireguard 2fa defguard
October 14, 2024, 09:46:07 AM
How are you doing, did you manage to make this connection work?
#4
The problem was solved by specifying in the firewall rule, in the WireGuard branch, in the paragraph incoming from "wg1 net" to "any" and prescribing the correct route. Now the question about this firewall rule - how critical is it to allow connections in the inbox to "any"?
https://ibb.co/1M0vpHF
https://ibb.co/1XSGgZk
#5
Nothing happened. It turned out to ping from 192.168.23.0/24 ==> 10.15.0.1 by changing the rule in the firewall in the WG branch, changing the branch of source packets from the "WG net" to "any". But the 23 network never pinged.
#6
I did tracing, both from Mikrotik and from the computer behind it - the routes go correctly. But from the network computer they are lost behind 192.168.68.1, but the address of the WG interface 10.15.0.12 is pinged.
https://ibb.co/qy9VrVT

It seems to me that the matter is in the firewall on the OPNsense, since I cannot even ping 10.15.0.1 from the local network behind the Mikrotik. Private networks are blocked on the WAN interface there.
https://ibb.co/pbc9bp4

I'll try to disable this rule tonight and see what happens.
#7
Routes are registered on routers, or do you mean prescription of routes on the computers?
#8
Hello friends. Sorry for bad English. ;D
I had a problem that I couldn't solve. In the picture below, I have drawn an approximate network topology, where I connected Mikrotik and OPNsense into one network using WireGuard. Everything works between routers, internal networks are pinged, but the computers behind them cannot ping each other.
https://ibb.co/ft6MyBd
Namely, any computer from the network 192.168.68.0/24 does not ping 192.168.23.0/24 and vice versa. Moreover, computers with 192.168.68.0/24, which is behind Mikrotik, cannot ping the VPN gateway of WireGuard 10.15.0.1, although the Mikrotik 10.15.0.12 interface is pinged. From the network 192.168.23.0, pings reach 10.15.0.1, but they don't go to the 68 network anymore. I understand that the problem is on the side of OPNsense, namely, it is possible in the firewall ... The gateways in the internal networks are configured correctly.
The firewall on OPNsense is configured according to the instructions from your site, namely, 2 rules have been created for the WAN and WG interfaces. Added a route for the 68 network to 10.15.0.12 in the gateways.
I do not know already where to dig, what do you advise?