Messages

1

24.1 Legacy Series / Re: Constant red light indicating crash every few seconds, what does this mean?

« on: October 30, 2024, 04:22:51 pm »

Sorry shoot just to follow up on this in case someone else has this issue, I typed in "plugins" into the search bar and it brought me to the list of installed plugins

In there, I had one that says (misconfigured) homeassistant-maxit or something along those lines (I already removed it, oops) and I simply deleted it

I already run a dedicated Home Assistant VM on Proxmox so I'm not sure what the purpose of the plugin is on OpnSense, curious to hear more though if anyone knows

Thanks anyway!

2

24.1 Legacy Series / Constant red light indicating crash every few seconds, what does this mean?

« on: October 30, 2024, 04:13:36 pm »

https://pastebin.com/uqG39eX7

I'm just a novice user, no clue what to do here

It's complaining about something called hass.inc and is crashing literally 5000 times a minute by the look of it?

HASS is a homeassistant plugin which I didn't even remember installing onto OPNsense, but how do I remove HASS?

3

General Discussion / Re: Install PiHole on Opnsense

« on: February 13, 2024, 08:45:09 pm »

I had to virtualize OPNsense because of this and run it under Proxmox and could not run Bare metal..  Had to have Pi-hole and it's a waste of the system to not be able to do it under 1 roof

AdGuard Home lacks the visualization, can't stand it

4

General Discussion / I can't figure out how to block IP addresses

« on: February 13, 2024, 08:44:11 pm »

Hello there, I am trying to learn how to block individual IP addresses and it isn't working for me.  I want to block any DNS servers my Amazon Fire Tablet is using to sneak past my Pi-hole, starting with 8.8.8.8 as a test run.  But it's not working.

I created an Alias, and inserted 8.8.8.8 as the content (reduced this to just 1 IP after noticing my entire list did not work either)

Then, I went to Rules -> Floating and thought I did everything right?  Picture is attached for all settings.

It does not work.  8.8.8.8 is fully reachable, pingable, everything, even after hitting apply.  Why?  And needless to say ads are getting through via 8.8.8.8 which Fire Tablets add as a forced 3rd DNS server

Pics attached of both Alias and Rule

Thanks for any help

I tried changing to Host(s) instead of URL(IPs) with no change, still lets it through

5

General Discussion / How do you change or install new themes in OPNsense?

« on: December 31, 2023, 09:19:09 pm »

I am still using the default theme

It's very white!

6

23.7 Legacy Series / Re: Xbox and PC Nat

« on: December 01, 2023, 07:41:56 pm »

I just upgraded my live opnsense router to the latest version and my xbox nat status has stayed as "open" after the upgrade using this guide here. hope it helps
https://ultramookie.com/2020/05/opnsense-xbox-live/

I followed this guide to the tee, yet somehow it still isn't working for me - Xbox Series X is reporting STRICT as the NAT type even after applying all of the changes..  I am absolutely puzzled

7

Tutorials and FAQs / Re: PSN / PS4 / PS5 Nat Type 2 Tutorial

« on: December 01, 2023, 07:13:43 pm »

Hi there, I followed these instructions but it has not worked for me.  Xbox is reporting it's still STRICT when I do the network test.

I created an Alias named CONSOLES which contain the static IP address of both my Xbox and PS5, and then thought I followed the instructions in your screenshot to create the entry as described - but no success at all.  I have pressed APPLY changes of course..

8

Virtual private networks / Re: Wireguard GUI Options missing

« on: November 27, 2023, 09:51:38 pm »

That information, for me, is under VPN -> WireGuard -> Diagnostics

I view handshake information, traffic, status, and endpoint addresses here.

Screenshot attached

9

Virtual private networks / Re: How do I make incoming WireGuard users traffic go through VPN?

« on: November 27, 2023, 09:12:42 pm »

Still looking for help with this!  I can connect to my home network through WireGuard and access everything as needed, but I cannot figure out how to choose my VPN gateway so internet traffic isn't going through the WAN and exposing my home IP address.

I have tried adding the internal 10.10.10.2 IP which I am assigned to the Firewall Aliases for my VPN of choice, as this works perfectly for any devices on my LAN, but it does not appear to go through there for 10.x.x.x IP's?  It must be needed specifying elsewhere?

I am willing to make a donation for the help as it's the final piece of my puzzle I need resolved.  And I have AnyDesk installed for remote support or TeamViewer

Thanks again

I just found the same question but for a PFSENSE installation: https://www.reddit.com/r/PFSENSE/comments/yaplg8/routing_wireguard_clients_via_vpn_gateway/

Trying to figure out what he did though

EDIT - I think he helped me !!  You have to go back to the Firewall -> Rules -> LAN section then press CLONE on one of the existing !RFC1918 rules, then change the LAN interface to HomeWireGuard.  Then, you go into the ALIASES and enter the 10.x.x.x IP you're assigned as the WG client while roaming under the matching ALIAS.. 

It's the one thing I never messed with in all this time .. Preliminary tests I think are finally working as intended!  I will report back!  Thanks anyways OPNsense Forum for putting up with me repeating myself, I will still make a donation once I can confirm this is doing what I want it to

10

Virtual private networks / Re: How do I route all traffic to external VPN?

« on: November 23, 2023, 06:50:17 am »

I have AnyDesk installed and am prepared to grant anybody access to it who thinks they can assist with this - and I'd post detailed information on how to resolve this, once it's resolved - as you can see many of the top posts in this forum are regarding this topic.

I have nothing to lose, nor risk, on this machine and can easily restore from backup when the experimentation is done

I have:

Established tunnels and gateways as per instructions
Established and port forwarded wireguard so its ready to receive clients

I am ready for any assistance, thank you

11

Virtual private networks / Re: Selective routing to VPNUnlimited.

« on: November 23, 2023, 06:47:47 am »

Need help with exact same thing

There is no helpful information in OPNsense to inform you on how to direct traffic once the tunnels are up

12

Virtual private networks / Re: How do I route all traffic to external VPN?

« on: November 17, 2023, 05:21:42 pm »

There's very little support or documentation for any of us messing with External VPN's.  I've been posting here looking for help for days now and rarely does anybody contribute

OPNsense software is way overcomplicating things, as you've seen by simply trying to follow that selective routing guide, it should've been possible in less than half the steps.  And once the guide is done and followed to the tee, they leave you completely dry with how to make use of it afterwards!

13

Virtual private networks / Re: How do I make incoming WireGuard users traffic go through VPN?

« on: November 17, 2023, 05:20:43 pm »

I am still stuck and looking for help, and willing to make a donation if we can figure it out.

Maybe someone can do all of the work themselves at home if they simply have a VPN service like Nord or Mullvad..  Just follow the Wireguard Selective Routing to External VPN guide to establish any VPN connection: https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html

and then follow the Road Warrior VPN setup guide to run a server you can connect to from on the road: https://docs.opnsense.org/manual/how-tos/wireguard-client.html

At the end of this you'll have both a VPN tunnel & gateway established, and your own home server listening for Wireguard connections.

But once your wireguard is connected, how do you force the traffic through the External VPN?

Thanks again

14

Virtual private networks / Re: How do I make incoming WireGuard users traffic go through VPN?

« on: November 15, 2023, 05:27:04 pm »

I installed AnyDesk onto my PC if anyone has 2 mins time and want to make short work of the problem instead of struggling through screenshots as well..  Would be happy to donate for the help as this is the last major thing I need working and I can say OPNsense is doing what I want it to

Thanks again

15

Virtual private networks / Re: How do I make incoming WireGuard users traffic go through VPN?

« on: November 15, 2023, 05:13:09 pm »

Hi again, and thanks again for your reply

I don't really understand the vast sets of rules in there myself - these are a result of following the OPNsense guides which I found confusing from start to finish, but luckily worked for me even though I did not understand them at all.  To be honest I thought it might be easier, but it wasn't, and I had to follow long guides full of instructions that didn't really make a lot of sense so I wish I could explain it better but I don't understand them myself

Also a bit unsure what you meant by the last comment, about doing the same as needed for the Wireguard interface..  did you mean a screenshot?  In this area?  https://imgur.com/a/4AOHaBh

Sorry again I am a confused newbie