Messages

1

Virtual private networks / some strange problems with IPsec

« on: April 01, 2024, 09:12:11 am »

People once again i need your help!
I have 2 IPsec channels everything was ok rules working, no problems at all!
as for now all status on interfaces INSTALLED but one has traffic the second no!

PS ALL RULES ARE DOUBLE CHECKED AND THEY ARE FINE

2

General Discussion / Re: Unifi and Opnsense don`t want to work together

« on: March 27, 2024, 08:25:33 am »

Thanks for reapply people. this conversation is closed.
now it unify is off and works standalone

3

General Discussion / Re: IPsec is going crasy

« on: March 27, 2024, 08:23:58 am »

Thanks for answer yeah maybe you are right.
but i manage to make it work and when i changed the server hardware the appeared once more.

4

General Discussion / Re: IPsec is going crasy

« on: March 19, 2024, 06:02:50 pm »

IPsec rules
Protocol   Source     Port   Destination   Port     Gateway          
IPv4          ICMP     *         *              *   wan_gateway               
IPv4          TCP/UDP     *         *              *   wan_gateway               
IPv4 *   IPsec net     *         *                 *   wan_gateway   

LAN rules
Default

WAN
Protocol        Source        Port    Destination     Port   
IPv4 ESP        IPsec net    *          WAN address   *
IPv4 TCP/UDP IPsec net       *          WAN address   500 (ISAKMP)
IPv4 TCP/UDP IPsec net       *          WAN address   4500 (IPsec NAT-T)
 

5

General Discussion / IPsec is going crasy

« on: March 19, 2024, 04:55:00 pm »

Colleagues, please help i cannot understand the situation.

I have configured an IPv4 tunnel from Host A to host B
all configs on both sides are identical.
So, what happen exactly Ipsec is connected and all working fine accept that it`s working one way only,
like from side A to B all good (all services are working) from side B (Nothing work) no ping no RDP!
and the most interesting thing it goes down but on IPsec=>Status overview all good
what can it be?

6

General Discussion / Re: Unifi and Opnsense don`t want to work together

« on: March 11, 2024, 03:08:27 pm »

the command from my authority was like this:
1. this USG is too old and have a lot of problems
2. they don`t want to change it they want something like this:
ISP => USG => OPNsense => switch
USG and Switch is on a same subnet, as i understood to achieve what they is to change the IP of switch right?

7

General Discussion / Re: I want to ask for monit question. But I don't know what is opnsense. Is it ok?

« on: March 11, 2024, 09:03:08 am »

As i understood MONIT is a plugin that send notifications to your e-mail if something happend.
or you have a different question?

8

General Discussion / Unifi and Opnsense don`t want to work together

« on: March 11, 2024, 09:00:05 am »

Colleagues, please need your help to put OPNsense (HBSD based) behind USG-pro.
my office toplogy is like this:
1. ISP router
2. Unifi (USG-pro4) - static ip 192.168.1.1
3. Unifi Edge switch

So, what is the problem, i need to put an OPNsense behind USG-pro, the problem is that our head admin make a config like this LAN on USG is 192.168.1.1 => Unifi Edge switch 192.168.1.3! as i understood to connect my OPNsense i need to have a config like this:
LAN on USG is 192.168.1.1 => WAN on OPN 192.168.1.2 => LAN OPNSense 192.168.1.3 Unifi Edge switch 192.168.1.4
Or i miss something?