Messages

ZA is a NGFW/IPS/IDS, its function is to inspect and understand traffic and/or patterns. Routing as such is done on OPNsense.

what do you mean by tagging? How to you TAG the traffic? Where do you TAG it?

Regards,
S.

In Untangle it's under the Events application that you can tag hosts when the traffic matches a specific criteria:



Then you go over to the Tunnel VPN application and create a rule to route that traffic over a specific tunnel (or any available tunnel) based off of the tag that was assigned in the above step.


You can route/block traffic in OPNsense using tags as well as I use that for the WireGuard Killswitch where a the rule that tells the traffic to go over the WireGuard tunnel (based on IP) sets a local tag of NO_WAN_EGRESS and then the KillSwitch rule checks for that tag and blocks the traffic if the Destination is the WAN rather than a tunnel.

I just don't see a way to have something like Zenarmor set a tag so that I can do something like Untangle does.

Is this possible as it's something I used a lot in Untangle so that I could send say BitTorrent traffic out over a VPN without having to know the clients IP beforehand?

I'd tag the traffic and then Tunnel VPN would look for that tag and send the traffic out over an established tunnel.

I just updated on my Home subscription instance and it doesn't appear that multi-threading is available so that's a huge bummer.

I'll see what they have to say but I'm not too interested in SASE so I'll just keep going as is or disable IPS/IDS I guess.

Even 2 or 4 cores would be a huge improvement.

I'm going to be very disappointed if they don't give paid home users something.

Even raising the price or having a higher tier home plan would be fine with me.

I'm not happy at all about not getting multi-core support as a paid home license user.

I run on older hardware and have been looking forward to this feature for years now not knowing it'd be locked behind a paywall.

I guess I'll see if I keep my subscription or not depending on what they do when it's finally ready.

I left Untangle for this kind of stuff so dumping Zenarmor is an option as well.

I didn't realize the policy count had increased....awesome!

I also wish that multi-threading was available since I don't have the fastest single core speeds but I have lots of cores to throw at the processing.

Example

Thanks!  I must have missed that somehow in the documentation as I thought it was IP only.

I'm trying to figure out how to add FQDN's as aliases but thus far am striking out.

Is this possible?

Specifically, I'm using this to allow people with DDNS to connect to my servers when they sign up for No-IP and get a FQDN.

Yeah they do that on occasion.

https://forum.opnsense.org/index.php?topic=45472.0

I'm not sure what this means as I'm not FreeBSD expert.  Does anyone have any ideas?

I have CrowdSec, ZenArmor, and a couple other basic Plugins installed but I'm not sure what to do.  It's happening on my lab system as well.

PHP Startup: Unable to load dynamic library 'mongodb.so' (tried: /usr/local/lib/php/20230831/mongodb.so (Cannot open "/usr/local/lib/php/20230831/mongodb.so"), /usr/local/lib/php/20230831/mongodb.so.so (Cannot open "/usr/local/lib/php/20230831/mongodb.so.so")) in Unknown on line 0

I have a couple that are the same color and would like to change them if that's possible?

***********Disregard...after about 15 minutes they just appeared.*************

I accidently installed using ZFS when I installed OPNsense on Proxmox so I just reinstalled.

I restored a backup of Zenarmor, however, I'm not seeing any sessions in Live Sessions under any tab.

What can I look at to troubleshoot?

My subscription is reporting as being active and I have the LAN interface selected correctly.

I'm guessing then that my best option is to create a new VM with UFS and import the config, correct?