1
General Discussion / Re: Automatic firewall rule that prevents my LAN
« on: June 05, 2024, 10:00:06 am »Thanks for your feedback.
Despite this configuration with the alias, the rejection remains the same..
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
Thanks for your feedback.
Despite this configuration with the alias, the rejection remains the same..
2
French - Français / Regle automatique empèche mon LAN
« on: June 05, 2024, 09:25:56 am »
Bonjour,
Je rencontre une difficulté.
J'ai une règle en place qui autorise mon LAN IPv4 à communiqué avec mon WAN adresse :
Protocol IPv4 source "ip de mon lan" port "any" destination "wan adresse" port "any" passerelle "par defaut"
Malgré cette règle j'ai la règle pas defaut qui me bloque :
Source "IPlan:54941" destination "8.8.4.4:53" protoclole "udp" label "Default deny / state violation rule"
Je n'arrive pas à outrapsser la regle automatique.
Pouvez-vous m'aider svp ?
Je rencontre une difficulté.
J'ai une règle en place qui autorise mon LAN IPv4 à communiqué avec mon WAN adresse :
Protocol IPv4 source "ip de mon lan" port "any" destination "wan adresse" port "any" passerelle "par defaut"
Malgré cette règle j'ai la règle pas defaut qui me bloque :
Source "IPlan:54941" destination "8.8.4.4:53" protoclole "udp" label "Default deny / state violation rule"
Je n'arrive pas à outrapsser la regle automatique.
Pouvez-vous m'aider svp ?
3
General Discussion / Automatic firewall rule that prevents my LAN
« on: June 05, 2024, 09:25:12 am »Good morning,
I am encountering a difficulty.
I have a rule in place that allows my IPv4 LAN to communicate with my WAN address:
Protocol IPv4 source "ip of my lan" port "any" destination "wan address" port "any" gateway "default"
Despite this rule, I have the default rule that blocks me:
Source "IPlan:54941" destination "8.8.4.4:53" protocol "udp" label "Default deny / state violation rule"
I can't override the automatic rule.
Can you help me please ?
4
General Discussion / Re: WEBGUI inaccessible via WAN
« on: May 03, 2024, 01:51:38 pm »
I'm so stupid... it's not like I saw that my public IP came with several different ports and not just 4443...
In any case, it works! Thanks a lot !
On the other hand, I cannot get the understanding of:
with the wrong source port, I can access the webgui, without LAN added. However, as soon as I add a LAN, I no longer have access to it. It's really this understanding that I don't master.
In any case, it works! Thanks a lot !
On the other hand, I cannot get the understanding of:
with the wrong source port, I can access the webgui, without LAN added. However, as soon as I add a LAN, I no longer have access to it. It's really this understanding that I don't master.
5
General Discussion / WEBGUI inaccessible via WAN
« on: May 02, 2024, 05:16:50 pm »
Good morning,
Here is my project, I have an OPNsense instance on the OVH Public Cloud.
I have access to my Webgui via my WAN address and it suits me perfectly, only as soon as I activate a LAN interface, I no longer have access to my graphical interface via the WAN.
I only have access to it if I make the shell command pfctl -d. A deactivation of my firewall.
Yet I have a rule in place that is like this:
Traffic entrant : Protocole : TCP ; Source : My IP Public ; Port : 4443 ; Destination : This Firewall ; Port : 4443
And yet if I don’t order pfctl -d , When I add a LAN interface, I can’t access my OPNsense on the web.
In the logs I find this refusal : INT WAN -> Traffic entrant -> My IP Public:52475 -> IP PUBLIC on my OPNsense:4443 -> Protocole tcp -> Default deny / state violation rule
I look forward to your help!
Thanks
Here is my project, I have an OPNsense instance on the OVH Public Cloud.
I have access to my Webgui via my WAN address and it suits me perfectly, only as soon as I activate a LAN interface, I no longer have access to my graphical interface via the WAN.
I only have access to it if I make the shell command pfctl -d. A deactivation of my firewall.
Yet I have a rule in place that is like this:
Traffic entrant : Protocole : TCP ; Source : My IP Public ; Port : 4443 ; Destination : This Firewall ; Port : 4443
And yet if I don’t order pfctl -d , When I add a LAN interface, I can’t access my OPNsense on the web.
In the logs I find this refusal : INT WAN -> Traffic entrant -> My IP Public:52475 -> IP PUBLIC on my OPNsense:4443 -> Protocole tcp -> Default deny / state violation rule
I look forward to your help!
Thanks
6
French - Français / WEBGUI inaccessible via WAN
« on: May 02, 2024, 04:52:37 pm »
Good morning,
Here is my project, I have an OPNsense instance on the OVH Public Cloud.
I have access to my Webgui via my WAN address and it suits me perfectly, only as soon as I activate a LAN interface, I no longer have access to my graphical interface via the WAN.
I only have access to it if I make the shell command pfctl -d. A deactivation of my firewall.
Yet I have a rule in place that is like this:
Traffic entrant : Protocole : TCP ; Source : My IP Public ; Port : 4443 ; Destination : This Firewall ; Port : 4443
And yet if I don’t order pfctl -d , When I add a LAN interface, I can’t access my OPNsense on the web.
In the logs I find this refusal : INT WAN -> Traffic entrant -> My IP Public:52475 -> IP PUBLIC on my OPNsense:4443 -> Protocole tcp -> Default deny / state violation rule
I look forward to your help!
Thanks
Here is my project, I have an OPNsense instance on the OVH Public Cloud.
I have access to my Webgui via my WAN address and it suits me perfectly, only as soon as I activate a LAN interface, I no longer have access to my graphical interface via the WAN.
I only have access to it if I make the shell command pfctl -d. A deactivation of my firewall.
Yet I have a rule in place that is like this:
Traffic entrant : Protocole : TCP ; Source : My IP Public ; Port : 4443 ; Destination : This Firewall ; Port : 4443
And yet if I don’t order pfctl -d , When I add a LAN interface, I can’t access my OPNsense on the web.
In the logs I find this refusal : INT WAN -> Traffic entrant -> My IP Public:52475 -> IP PUBLIC on my OPNsense:4443 -> Protocole tcp -> Default deny / state violation rule
I look forward to your help!
Thanks
7
French - Français / Sérialisation des ID avec du QCOW2
« on: December 15, 2023, 02:54:16 pm »
Bonjour,
Je vous explique mon projet, J'ai créé un OPNsense.qcwo2 pour me servir de base pour en déployer plusieurs par la suite.
Malgré mes recherches sur le forum et sur les docs, je n'ai pas trouvé de réponses à ma questions.
Savez-vous si dans le qcow2 il y a une sérialisation des ID et qu'il faudra effectuer une commande du style sysprep sous Windows ou si je n'aurai pas de conflit si ils viennent à être dans le même réseau?
Je vous remercie d'avance.
Je vous explique mon projet, J'ai créé un OPNsense.qcwo2 pour me servir de base pour en déployer plusieurs par la suite.
Malgré mes recherches sur le forum et sur les docs, je n'ai pas trouvé de réponses à ma questions.
Savez-vous si dans le qcow2 il y a une sérialisation des ID et qu'il faudra effectuer une commande du style sysprep sous Windows ou si je n'aurai pas de conflit si ils viennent à être dans le même réseau?
Je vous remercie d'avance.
Pages: [1]