
Messages - MrLee

#1
I use my OPNSense router on the edge of a corporate network that hosts VPN. As everyone knows, there are large VPN brute-force campaigns going on around the world.

When I find an ASN that is guilty of many brute-force attempts towards our systems, I block the ASN in a BGP ASN alias. This is becoming very large, as you could imagine, and I need to manually update multiple routers.

It would be great if there was a way to have an ASN tables list on a server the way the URL Tables (IP) works, so I could list all the ASNs that I need in the alias.
This would eliminate me having to touch every device any time I find an ASN that is offending.
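One way to get the effect the post asks for today is to keep the ASN list in one place, expand it to prefixes, and publish the result as a plain CIDR-per-line file that every firewall fetches through a normal URL Table (IP) alias. The script below is an added illustration, not code from the original poster or from the OPNsense project. The ASN-to-prefix mapping in it is constructed from documentation ranges (a real deployment would fill it from a BGP or RIR data export), and the `validate_feed` check exists because an empty or HTML-filled fetch is exactly what shows up later in this thread as an alias with 0 entries.

```python
import ipaddress
import re

# Constructed ASN -> announced-prefix mapping (documentation ranges only);
# a real deployment would fill this from your BGP/RIR data export.
ASN_PREFIXES = {
    64496: ["203.0.113.0/25", "203.0.113.128/25", "198.51.100.0/24"],
    64497: ["192.0.2.0/24", "192.0.2.0/26"],   # second entry is covered by the first
    64498: ["2001:db8::/32"],
}

_ASN_RE = re.compile(r"^(?:AS)?(\d+)$", re.IGNORECASE)


def parse_asn_list(text):
    """Parse the hand-maintained list: one ASN per line, written 'AS64496' or
    '64496'; '#' comments and blank lines are ignored. Returns sorted ints."""
    asns = set()
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        m = _ASN_RE.match(line)
        if not m:
            raise ValueError(f"not an ASN: {raw!r}")
        asns.add(int(m.group(1)))
    return sorted(asns)


def prefixes_for_asns(asns, asn_prefixes=ASN_PREFIXES):
    """Expand ASNs to CIDRs, collapsing duplicates and overlaps per address
    family. Unknown ASNs are returned separately so a typo in the list does
    not silently shrink the feed."""
    nets, unknown = [], []
    for asn in asns:
        plist = asn_prefixes.get(asn)
        if plist is None:
            unknown.append(asn)
            continue
        nets.extend(ipaddress.ip_network(p, strict=False) for p in plist)
    v4 = ipaddress.collapse_addresses(n for n in nets if n.version == 4)
    v6 = ipaddress.collapse_addresses(n for n in nets if n.version == 6)
    return [str(n) for n in v4] + [str(n) for n in v6], unknown


def render_feed(asns, asn_prefixes=ASN_PREFIXES):
    """Return the feed body for the URL Table alias: one CIDR per line."""
    cidrs, unknown = prefixes_for_asns(asns, asn_prefixes)
    if unknown:
        raise ValueError(f"no prefix data for ASNs: {unknown}")
    return "\n".join(cidrs) + "\n"


def validate_feed(text):
    """Check a feed before publishing it: every non-blank line must parse as
    a network (an HTML error page would fail here), and it must not be empty.
    Returns the number of entries."""
    count = 0
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        ipaddress.ip_network(line, strict=False)  # raises on anything that is not a CIDR
        count += 1
    if count == 0:
        raise ValueError("feed is empty")
    return count


if __name__ == "__main__":
    # Constructed sample of the central ASN list.
    sample = "# offending ASNs\nAS64496\n64497\nas64498\n"
    feed = render_feed(parse_asn_list(sample))
    print(feed, end="")
    print("entries:", validate_feed(feed))
```

Serve the rendered file over HTTPS from one host and point the URL Table (IP) alias on each firewall at it; the alias refresh interval then replaces the manual per-router edits, and the validation step stops a broken export from being published as an empty list.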
#2
I figured out the issue, so I figured I'd post the fix.

It appears that IPv6 was trying to do all my DNS requests from the firewall.
The Comcast circuit apparently handles this while the Verizon one does not.

After disabling IPv6 on the device, DNS started resolving my aliases and downloading content.

I followed the instructions here to disable IPv6:
https://www.reddit.com/r/OPNsenseFirewall/comments/wh6if3/easiest_and_most_complete_way_to_disable_ipv6/
#3
General Discussion / URL Tables IP not populating
March 21, 2024, 04:31:40 AM
I have 2 identical OPNSense firewalls running on 2 different circuits.
One on a Comcast circuit: OPNsense 24.1.3-amd64
One on a Verizon circuit: OPNsense 24.1.4-amd64

I have matched the IP URL Table aliases on each router.

Apart from the WAN/LAN IP addresses and defaults for each device, they should be identical.

The Comcast URL Table (IPs) seem to update regularly.
The Verizon one has never updated and has 0 entries for all of them.

Any help or direction would be greatly appreciated.
Is there a way to troubleshoot this?

The Verizon device works perfectly as a router, but I need the IP Tables for my firewall rules.
#4
I will try during off hours tonight.

Thanks for the advice.
#5
Will the block rules still work?

That's my main reason for switching from the router I had.
#6
My apologies if this was answered anywhere, but I couldn't find my specific issue.

I'm attempting to install OPNSense as an edge router between 2 public IP address spaces (like an ISP router).
There are a few firewalls on the LAN side of the OPNSense.

I'm using OPNSense to block access to my "LAN" devices from known bad IP lists (TOR/CI Army, etc.).

I'm using floating rules and it is working fine in this manner.

I have a few devices that I monitor on the internet via SNMP, and I cannot reach them.

Is it possibly a default rule blocking SNMP out to the internet, and is there a way to override this?
Or maybe it's double NAT.