Messages - securitypedant

#1
Zenarmor (Sensei) / Re: So many devices!
June 15, 2024, 05:57:09 PM
Oh man, sorry. I got the cables mixed up and connected LAN to WAN!
#2
Zenarmor (Sensei) / So many devices!
June 15, 2024, 08:09:30 AM
I was getting close to deploying my OPNsense & Zenarmor combination as a transparent bridge, but then it started to add a crazy amount of devices. Many of them, it seems, are not devices, but just IP addresses of sites I've been visiting and testing.

Any idea what's going on? I am going to use the Home licenses and it has a limit of 100. Right now, with minimal testing, it's already hitting 101.
#3
Fixed it!

I had to go System > Gateways > Configuration.

Add a new gateway with the following settings.

Name: Internet gateway
Interface: Bridge
Address Family: IPv4
IP Address: 192.168.1.1
Upstream Gateway: Enabled

This fixed the issue.
#4
I have the following setup; I followed this guide because I intend to install Zenarmor.
https://www.zenarmor.com/docs/network-security-tutorials/how-to-configure-transparent-filtering-bridge-on-opnsense

Version: OPNsense 24.1.8-amd64

Two interfaces in bridge mode:

LAN (opt1)
    device: re0
    link type: none
WAN (opt2)
    device: re1
    link type: none
Bridge (opt3)
    device: bridge0
    link type: static
    IPv4: 192.168.1.2/23
    Routes: 192.168.0.0/23

Network topography is...
Internet > Arris modem > Unifi USG Lite gateway > OPNsense device > Unifi Switch connected to the rest of my local network

Bridge is working great; all traffic from my network is passing over the bridge without issue. Now I wanted to install Zenarmor, but when I go to System > Firmware > Status and Check for updates, it fails with the error "Could not find the repository on the selected mirror."

Updates log shows...
***GOT REQUEST TO CHECK FOR UPDATES***
Currently running OPNsense 24.1.8 at Thu Jun 13 03:33:08 UTC 2024
Fetching changelog information, please wait... fetch: https://pkg.opnsense.org/FreeBSD:13:amd64/24.1/sets/changelog.txz: Network is unreachable
Updating OPNsense repository catalogue...
pkg: Repository OPNsense has a wrong packagesite, need to re-create database
pkg: https://pkg.opnsense.org/FreeBSD:13:amd64/24.1/latest/meta.txz: Network is unreachable
repository OPNsense has no meta file, using default settings
pkg: https://pkg.opnsense.org/FreeBSD:13:amd64/24.1/latest/packagesite.pkg: Network is unreachable
pkg: https://pkg.opnsense.org/FreeBSD:13:amd64/24.1/latest/packagesite.txz: Network is unreachable
Unable to update repository OPNsense
Error updating repositories!
pkg: Repository OPNsense has a wrong packagesite, need to re-create database
pkg: Repository OPNsense cannot be opened. 'pkg update' required
Checking integrity... done (0 conflicting)
Your packages are up to date.
***DONE***

I figured somehow DNS wasn't working, so I went to Interfaces > Diagnostics > DNS Lookup and entered "pkg.opnsense.org". I got the following reply.

Response
Type   Answer                                                    Server        Query time
A      pkg.opnsense.org. 900 IN A 89.149.222.99                  192.168.1.4   28 msec
AAAA   pkg.opnsense.org. 900 IN AAAA 2001:1af8:5300:a010:1::1   192.168.1.4   27 msec

So DNS seems to be working fine; that's my local DNS server, which is external to the OPNsense device and forwards requests on to my Cloudflare DNS resolvers.

I resolved "pkg.opnsense.org" to 89.149.222.99 on another device and attempted to ping it from Interfaces > Diagnostics > Ping.

All packets failed, with the error "sendto: No route to host".

If I ping any address on my 192.168.1.0 network, those pings do work.

I looked at the "IPv4 gateway rules" option on the Bridge interface, but it just says "Disabled". I don't see a way to specify the default route.

Any ideas what's going on? The bridge is working, but the OS doesn't seem to know a valid route to the internet.
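The symptom in this post (DNS resolves, LAN pings work, anything off-subnet fails with "No route to host") and the fix in post #3 (an upstream gateway on the bridge) come down to one thing: the host's routing table only had the connected route 192.168.0.0/23 from bridge0 and no default route. The following script is an added example, not code from the thread or from OPNsense; it builds a small longest-prefix-match lookup over a constructed routing table with the addresses from the posts, shows that 89.149.222.99 has no matching route until a default route via 192.168.1.1 is added, and checks the one caveat worth remembering: the gateway address you enter must itself be on-link (inside a connected prefix), which 192.168.1.1 is for a /23 on the bridge.

```python
"""Longest-prefix-match route lookup over a constructed routing table.

Added example modelling the thread's situation: bridge0 carries
192.168.1.2/23, so the only route is the connected 192.168.0.0/23.
Without a default route, a packet to pkg.opnsense.org (89.149.222.99)
has no next hop, which is what the ping diagnostic reported as
"No route to host". All addresses below are taken from the posts.
"""
import ipaddress
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass(frozen=True)
class Route:
    prefix: ipaddress.IPv4Network
    gateway: Optional[ipaddress.IPv4Address]  # None means directly connected
    interface: str


class RoutingTable:
    def __init__(self):
        self.routes = []

    def is_onlink(self, addr) -> bool:
        """True if addr falls inside a directly connected prefix."""
        addr = ipaddress.ip_address(addr)
        return any(r.gateway is None and addr in r.prefix for r in self.routes)

    def add(self, prefix, gateway, interface):
        """Add a route; a gateway must be reachable via a connected route,
        mirroring the kernel's refusal to install an unreachable next hop."""
        gw = ipaddress.ip_address(gateway) if gateway else None
        if gw is not None and not self.is_onlink(gw):
            raise ValueError(f"gateway {gw} is not on any connected network")
        self.routes.append(Route(ipaddress.ip_network(prefix, strict=False), gw, interface))

    def lookup(self, dst) -> Optional[Route]:
        """Most specific matching route (longest prefix wins), or None."""
        dst = ipaddress.ip_address(dst)
        matches = [r for r in self.routes if dst in r.prefix]
        if not matches:
            return None
        return max(matches, key=lambda r: r.prefix.prefixlen)

    def next_hop(self, dst) -> Optional[Tuple[str, str]]:
        """(next-hop address, interface) or None for 'No route to host'.
        On-link destinations are delivered directly, so the next hop is
        the destination itself."""
        r = self.lookup(dst)
        if r is None:
            return None
        return (str(r.gateway) if r.gateway else str(ipaddress.ip_address(dst)), r.interface)


def build_bridge_table() -> RoutingTable:
    """Routing table as it stood before the fix: only the connected route
    derived from the bridge address 192.168.1.2/23."""
    table = RoutingTable()
    table.add("192.168.0.0/23", None, "bridge0")
    return table


def apply_fix(table: RoutingTable) -> RoutingTable:
    """The change from post #3: a default route through the upstream
    gateway 192.168.1.1 on the bridge interface."""
    table.add("0.0.0.0/0", "192.168.1.1", "bridge0")
    return table


def diagnose(table: RoutingTable, dst) -> str:
    hop = table.next_hop(dst)
    if hop is None:
        return f"{dst}: no route to host (no default gateway configured)"
    return f"{dst}: via {hop[0]} on {hop[1]}"


if __name__ == "__main__":
    t = build_bridge_table()
    print(diagnose(t, "192.168.1.4"))    # local DNS server: on-link, works
    print(diagnose(t, "89.149.222.99"))  # pkg.opnsense.org: no route
    apply_fix(t)
    print(diagnose(t, "89.149.222.99"))  # now via 192.168.1.1 on bridge0
```

The lookup picks the longest matching prefix, so after the fix LAN destinations still go out on-link via the /23 while everything else falls through to the /0 default. The same split explains the earlier log lines: pkg's "Network is unreachable" and ping's "No route to host" are both the kernel reporting that no route matched, not a DNS or mirror problem.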