Messages - ks

#1
Quote from: Patrick M. Hausen on December 29, 2024, 10:42:12 AM
Change destination to "LAN net" with "destination invert" activated.

It worked.

Thanks a lot Patrick for the quick and fast resolution.
#2
There is one floating rule
#3
Hello there.

I set up a bare metal OPNsense firewall/router for my home lab LAN, and it is running fine with no particular issues.
The box is also acting as NTP server for the whole LAN, until the dedicated NTP+PTP and DHCP IPv4+IPv6 Kea servers are operational.


All my outbound traffic, no exceptions, needs to be routed through my VPN provider, so I enabled WireGuard and configured it with Mullvad. It seems to be working correctly, according to the Mullvad check leaks website.

And here the fun starts: after implementing WG the LAN clients can no longer access the OPNsense NTP server.
I wish all LAN clients' NTP requests to remain in the local LAN, no NTP requests should go outside, but I do not understand why WG behaves this way.

All other LAN services are functional, just NTP is having issues.

It is probably a matter of setting a rule in the firewall, but shouldn't it be done by WG?

Any help would be greatly appreciated.
#4
Hello,

I'm quite an OPNsense newbie and I'd like to ask for some help with the firewall.

I installed OPNsense 24.7 on bare metal, with one dual SFP+ NIC. On this NIC are attached the LAN (10G module) and an Ethernet 1G module for the WAN connection.
The Ethernet cable is connected to the provider's ONU in bridge mode, which translates the fiber connection into Ethernet for the OPNsense firewall. OPNsense handles the PPPoE connection.

LAN side is a 10.0.0.0/24 network, and WAN side is a 192.168.1.0/24 network.

I can browse the internet, do normal stuff with the connection and I set a firewall Outbound rule to reach the provider ONU (it works). So basically everything works.

When I try to eliminate the external provider ONU and use the Leox LXT-010S-H GPON module directly attached to my bare metal OPNsense NIC, I cannot reach the GPON web interface, despite my attempt to properly set the firewall rules.

The GPON module is working perfectly, which I tested with an external media converter, and I guess the issue is in my firewall settings.
I also tried to change the GPON IP setting (while in the external media converter) to match the provider's ONU (192.168.1.1/24) but cannot get the GPON web page.

Does somebody have suggestions on how to properly set up the firewall rules in order to reach the GPON web and telnet interfaces, or any other hint to help me?

Many thanks in advance!

#5


That's correct, as I discovered by myself: A combination of MSI X470 Gaming Plus Max and Ryzen 5 5600G simply doesn't work at all.
During boot the system lists a lot of MCA errors.

Quote from: connervt on June 23, 2024, 11:24:06 PM
Early Ryzen CPUs (ZEN/ZEN+) had some issues running Linux OS, though it typically manifests as system lock up vs rebooting.  Later CPUs seem to work much better, as there are many data centers running the same processor die (EPYC).

I questioned AMD about the MCA errors and the answer was: you're on your own since you're using an unsupported OS. :-X

Then MSI, which I questioned too, sent me an unofficial BIOS to try.
But at that point the rig's destiny was decided: I took it apart and sold it in pieces since I had no more time to spend as a beta tester for MSI's BIOS firmware.

Thanks all for the support, and try to avoid the MSI mobo + Ryzen APU combo, unless you've time and resources for testing.
#6
Hardware and Performance / Re: AMD hw random reboot
June 22, 2024, 05:06:22 PM
Quote from: Patrick M. Hausen on June 21, 2024, 07:01:22 PM
Something something disable power states in the BIOS. Don't remember from the top of my head, please search the forum or google.

Thanks for the hint! I found something on the net and here in the forums related to PBO, which I disabled without any change.


Quote from: Greg_E on June 21, 2024, 07:31:27 PM
What NICs are you using? Could it be a Realtek NIC problem?

After that, can't help.

The only Realtek NIC present is the motherboard one, which I never used.
I have 3 PCI 10Gtek SFP+ cards with some RJ45 and 10G fiber modules, all the traffic passes through them. The cards' controller is Intel 82599.

Quote from: cookiemonster on June 21, 2024, 11:30:06 PM
I prefer and use AMD every time I can. No problems here.
Any clues in the logs? If not because it crashes hard, one option could be if you have another machine running is to send logs to it. Windows machines need not apply :)

Never reached the logs unfortunately. I could set up a spare machine for receiving the logs eventually, but at this point I'm not sure it's worth continuing this way.


Thanks all!
#7
Hello,

I'm experiencing a strange issue that is driving me nuts, and I'll appreciate any help you might throw here before I nuke'all with napalm...

I had an OPNsense baremetal running like a charm with an old i3 5th series, no issues on that.

First rule: don't repair what isn't broken... yep I know

Then the upgrade time came, so I had to move the OPNsense installation (or better, I'm trying to...) to better hw to handle 2x 10G fiber parallel connections, WireGuard VPN and side sw like Suricata etc.
My choice was an x470 mobo with a Ryzen 5600G and 32GB RAM, NVME for installation.

The first - and main - issue is that OPNsense reboots at random, so I first thought about:
- a faulty PSU (changed three),
- RAM (tested with MemTest),
- NVME support (changed),
- motherboard (changed with different model) and
- CPU too (changed with a Ryzen 2400G)

but it seems that, despite the tests I've done, OPNsense 24.1 and 23.7 with AMD hardware reboots at random.

Has anyone else experienced this kind of issue?

Thanks in advance