Messages - rookysteed

#1
A few questions:

- Is the captive portal auth log stored somewhere? (Are they rsyslog compliant?)
- The captive portal is not the same as the pfSense one, why? (There are more options.)
- Captive portal has no HSTS option: this causes a big issue under Chrome (Firefox and Edge are OK).

Thank you.
#2
OK, thank you, I will do that.
#3
Hello Cedrik, thank you for your answer.

So the answer is, they cannot work together, if I'm understanding?

If we decide to only use the captive portal: does the captive portal log web site access (for identified users)?

Or perhaps it's better to use Squid with an authentication page, etc.?
#4
Hello,
we are testing captive portal + Squid.
They each work, but not together.
Is there a good tutorial for this deployment?
#5
24.7, 24.10 Legacy Series / Unbound, again !
September 01, 2024, 01:04:17 PM
As other updates ...

DNS is not so crucial for web browsing ... which is about 90% of web activity: and in OPNsense (24.7.3_1), boom, after EVERY update Unbound has crashed?

Why?

2024-09-01T12:59:26   Error   unbound   Unable to open pipe. This is likely because Unbound isn't running.   
2024-09-01T12:59:16   Notice   unbound   Backgrounding unbound logging backend.

As other people here!

If this is a joke ... it's not good.
#6
24.1, 24.4 Legacy Series / Re: 24.1.8 unbound wont start?
September 01, 2024, 01:01:31 PM
DNS is not so crucial for web browsing ... which is about 90% of web activity: and in OPNsense (24.7.3_1), boom, after EVERY update Unbound has crashed?

Why?

2024-09-01T12:59:26   Error   unbound   Unable to open pipe. This is likely because Unbound isn't running.   
2024-09-01T12:59:16   Notice   unbound   Backgrounding unbound logging backend.

As other people here!

If this is a joke ... it's not good.
#8
Hi,

I need to give hostname.domain with IP 192.168.1.10 on the interco.wan interface AND hostname.domain with 10.10.10.10 on the LAN interface.

So I need to have the equivalent of "BIND views" (custom DNS resolving for each interface) for Unbound: but there are no options to do that with the GUI.

So I decided to use the Dnsmasq strict binding option on interco.wan (port 53) only, then bind Unbound on the LAN interface (port 53 too) ... but it's conflicting.
Is this a known issue?

Thank you for reading.
#9
Reply to myself: the issue was due to ISC DHCP, I had filled in first my OPNsense as DNS and 1.1.1.1 ... and bingo, round-robin on those "two DNS servers".

So I have 3 binds: one for interco-isp, one for DMZ and another for WIFI, and HAProxy is OK with Unbound and DNS overwrites.
But there is still the problem of hosts connected to interco-isp ...
because ISC DHCP on interco-isp is actually giving the ISP gateway and DNS on this gateway.
#10
Hello,

I need to set up my firewall in order to access my internal web sites.
This firewall is below an ISP box.
Those web sites are hosted in two network zones: DMZ and WIFI.
Access from the internet (WAN) is OK; access is done by my public frontend HAProxy setup.
But I can't manage to access those same sites, with the same URL (for sure), when I'm in my LAN.
Do you have any setup example for this use case?

Note: I have set up 3 public frontends in order to serve ... internet access, and the other two zones (WIFI + DMZ).
I'm skilled with HAProxy but with OPNsense I can't see a real log file ... NOSRV lines for example ;-)

I notice that all my websites (Unbound is OK because ping gives me the correct IP address for each zone) are passing through the INTERCO zone (zone/interface connected to the ISP box), and across DMZ or WIFI (bound under HAProxy frontend), why?

Another question: HAProxy does not produce logs in /var/log/haproxy? (So how to debug?)

Thank you.

Edit: sometimes it works, sometimes not. This 24.1 is a weird release, am I alone in having so many issues?