Messages - mekano

#1
24.7, 24.10 Legacy Series / Internet stop working
February 16, 2025, 04:33:49 AM
My network stopped working, as no device had internet access. DNS resolution was still working, but not as fast as it used to be.

I restarted it with no success. Then I restarted the packet filter service and internet is now working.

I had no indication that the service was stopped. Where can I look to find an explanation for this strange behaviour?

I am running version 24.7.11_2

thank you
#2
Hello, I have allowed access to the web page of my OPNsense only from certain VLANs; however, even though this is enabled for only 2 VLANs, it is still possible to connect to the GUI over HTTPS from a VLAN that is not allowed? How is this possible, and how can I block all internet access from the unauthorized VLANs?
#3
I use outbound DNS for all my subnets, and Zenarmor is enabled on all VLANs.

The problem is that on one of my subnets, if I add a device, for example my Pixel 9 cell phone, internet access does not work at all until I disable the DNS over HTTPS option that is enabled in my policy in Zenarmor. Yet my other devices on the same network work correctly??? See the screenshots. How is this possible?
#4
Thank you, the update has completed successfully.
#5
I am doing some validation prior to updating my OPNsense. If I go to Firmware / Status, I see firmware version 23.7.12_5. Picture (opnsense.png). But if I check the update tool, Status / Check for update, the update tool says that I am running version 23.7.10. Picture (current_version.png). Why is the update tool reporting that version?

I just want to make sure the update won't break anything after updating. See the attached files. Thank you
#6
I managed to make my VPN connect with the new Connection mode between two OPNsense firewalls.

But 2 little problems remain.

1- My 2 sites have dynamic IPs. The IPsec config I made is with a PSK. To make it work, I have to put the IP address directly in the Pre-Shared Keys section on both firewalls, instead of the dynamic IP service I use. If I use the dynamic IP host like myhost1.noip.com.

2- Now that the VPN is connected, no data goes across the VPN at all. In my phase 2 section I have put 0.0.0.0/0 as local and remote subnet on both firewalls. And in the firewall rules for the IPsec interface I allow all on both firewalls.

thank you for your help
#7
Yes, it is.
#8
I have taken another look at the log; here is what I found. See the attached file.

It always failed with NO_PROPOSAL_CHOSEN
#9
I am trying to establish a site-to-site VPN between two OPNsense boxes. Box1 has version 23.7.12_5 and Box2 has version 24.1.2_1. The two ISP connections have dynamic IPs. Phase 1 and phase 2 are configured using the same settings. I saw the connection going out of Box1 to Box2 on port 500. I saw the incoming connection coming in on Box1. But the VPN never came up.

I initiate the connection from Box1.

I have attached the log from Box2.

I have added the rules for ports 500 and 4500 (NAT traversal) and for the ESP protocol.

Thank you
#10
I did a Wireshark capture and this is what I see when the web site is not accessible. See the attached image.

There are a lot of retransmits, but I don't know why. When I switch VLAN (SSID), the web page instantly shows.
#11
When I try to access a website that is in HTTP, I am unable to access it. I got an error from my browser saying to verify my network access.

If I switch to another SSID that has a different VLAN, I can access the web site. Either of the VLANs are configured in OPNsense. Currently running version 23.7.10_1.

I can't find the root cause of this. Help will be very much appreciated.
Thank you
#12
I am using Zenarmor, CrowdSec and Unbound DNS. But suddenly, I can't access the Office 365 web site anymore using Unbound, with or without blocklist. If I change my DNS to, for example, 8.8.8.8, I have access to the Office 365 web app with no problem.

I have tried to add a lot of whitelist URLs in Unbound, with no success.

Anybody in the same situation? As far as I can say, everything else is working well with Unbound except Office 365.
#13
yes thank you,

it's working.
#14
Hi, I have a couple of VLANs in my OPNsense config.

I have created rules to allow access to devices between VLANs, but they are not working. I think I know why, but I don't know how to solve it.

vlan 10 192.168.10.0/24 ip of the interface 192.168.10.1
vlan 20 192.168.20.0/24 ip of the interface 192.168.20.1

When I do a tracert from the client on vlan 1 to a client on vlan 2, I get this:

tracert -d 192.168.20.10
1 ms 1ms 1ms 192.168.10.1
2ms 2ms 20ms Gateway of my wan
* * *
* * *
* * *
* * *


So it never goes through to the client on VLAN 20.

Thank you for your help
#15
I am going to answer my own question. I don't know the reason why it was not working. I deleted the interface configuration in the firewall, redid the VLAN config on my network equipment, changing the VLAN ID, and recreated the new interface in the firewall, and it is now working. As far as I can tell, I redid exactly the same config, changing only the VLAN ID and the IP address of the interface on the firewall, as well as the IP of my switch.