"
Ok, I am an homodebilus, it's the VPN didn't accept this subway.
And for the PVE to LAN subnet, I don't know but it's not important.
Thx for read me
And for the PVE to LAN subnet, I don't know but it's not important.
Thx for read me
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
#2
General Discussion / Re: Adding an additional LAN interface
May 12, 2025, 06:47:53 PM
Stupid answer but reboot. There is some config works only on reboot.
#3
General Discussion / [RESOLVE] static route with WAN WG LAN and OPT
May 12, 2025, 09:49:53 AM
Hi,
On my router I have some interfaces:
The WAN
The WG-OZ it's VPN tunnel connected with another OPNSENSE in another country with his own remote LAN 10.2.1.x
The LAN 10.3.1.x
The PVE 10.3.2.x
I have a static route to use the GW with VPN for the subnet 10.2.1.0/24.
From LAN I have access to internet, the LAN subnet 10.3.1.x, the PVE subnet 10.3.2.x and remote LAN 10.2.1.x
From PVE I have access to internet, his own subnet 10.3.2.x and that's all.
My problem is I would like LAN and PVE have the same behaviour. From PVE access to remote LAN 10.2.1.x.
Any idea?
On my router I have some interfaces:
The WAN
The WG-OZ it's VPN tunnel connected with another OPNSENSE in another country with his own remote LAN 10.2.1.x
The LAN 10.3.1.x
The PVE 10.3.2.x
I have a static route to use the GW with VPN for the subnet 10.2.1.0/24.
From LAN I have access to internet, the LAN subnet 10.3.1.x, the PVE subnet 10.3.2.x and remote LAN 10.2.1.x
From PVE I have access to internet, his own subnet 10.3.2.x and that's all.
My problem is I would like LAN and PVE have the same behaviour. From PVE access to remote LAN 10.2.1.x.
Any idea?
#4
French - Français / Re: Public access et logs
May 12, 2025, 09:30:51 AM
Ok, je vais approfondir.
Merci
Merci
#5
French - Français / Public access et logs
April 23, 2025, 10:11:48 AM
Bonjour,
suivant la CNIL et surtout le passage sur Les données techniques:
Les données techniques permettant d'identifier la source de la connexion ou relatives aux appareils utilisés (adresse IP et port associé, numéro de l'identifiant, numéro d'identification, numéro de téléphone) doivent être conservées pendant un délai de 1 an.
Les données concernant la sécurité des réseaux et des installations
Les données suivantes peuvent être conservées pendant un délai de 3 mois maximum :
les données permettant d'identifier l'origine de la communication ;
les caractéristiques techniques ainsi que la date, l'horaire et la durée de chaque communication ;
les données techniques permettant d'identifier le ou les destinataires de la communication ;
les données relatives aux services complémentaires demandés ou utilisés et leurs fournisseurs.
https://www.cnil.fr/fr/fournir-un-acces-internet-public-quelles-obligations
Que dois je logger ? Je log pour l'instant les query et reply du service Unbound DNS. Une autre suggestion?
Gautier
suivant la CNIL et surtout le passage sur Les données techniques:
Les données techniques permettant d'identifier la source de la connexion ou relatives aux appareils utilisés (adresse IP et port associé, numéro de l'identifiant, numéro d'identification, numéro de téléphone) doivent être conservées pendant un délai de 1 an.
Les données concernant la sécurité des réseaux et des installations
Les données suivantes peuvent être conservées pendant un délai de 3 mois maximum :
les données permettant d'identifier l'origine de la communication ;
les caractéristiques techniques ainsi que la date, l'horaire et la durée de chaque communication ;
les données techniques permettant d'identifier le ou les destinataires de la communication ;
les données relatives aux services complémentaires demandés ou utilisés et leurs fournisseurs.
https://www.cnil.fr/fr/fournir-un-acces-internet-public-quelles-obligations
Que dois je logger ? Je log pour l'instant les query et reply du service Unbound DNS. Une autre suggestion?
Gautier
#6
General Discussion / SIP protocol thru 2nd gateway
April 14, 2025, 04:17:54 PM
Hi,
I have SIP phone on OVH with the sbc6.fr.sip.ovh domain. But where I actually live I cannot access to this domain.
Until now I use SIP phone connected to my router with redirection to another router in France via wireguard and everything was ok.
But this phone die and I would like to use softphone without redirect full ip flow but just the SIP.
If I use openvpn to connect to the router in France, I get my connection.
How should I do?
I have SIP phone on OVH with the sbc6.fr.sip.ovh domain. But where I actually live I cannot access to this domain.
Until now I use SIP phone connected to my router with redirection to another router in France via wireguard and everything was ok.
But this phone die and I would like to use softphone without redirect full ip flow but just the SIP.
If I use openvpn to connect to the router in France, I get my connection.
How should I do?
#7
General Discussion / [Solded] Re: ping OK but no internet with static client
November 24, 2024, 06:45:11 PM
It's work!
I just reinstall and know it's work...
I just reinstall and know it's work...
#8
General Discussion / ping OK but no internet with static client
November 20, 2024, 07:53:51 AM
I have this problem with fresh intsall
root@lithium:~# ping -c3 google.com
PING google.com (216.58.213.110) 56(84) bytes of data.
64 bytes from sof04s03-in-f14.1e100.net (216.58.213.110): icmp_seq=1 ttl=117 time=35.6 ms
64 bytes from lhr25s02-in-f110.1e100.net (216.58.213.110): icmp_seq=2 ttl=117 time=35.3 ms
64 bytes from sof04s03-in-f14.1e100.net (216.58.213.110): icmp_seq=3 ttl=117 time=35.7 ms
--- google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 35.293/35.538/35.689/0.175 ms
root@lithium:~# curl https://ipleak.net/json/
curl: (28) Failed to connect to ipleak.net port 443 after 135153 ms: Couldn't connect to server
For apt update same probleme.
My architecture:
PVE with OPNsense VM.
LAN on Vmbr0
This computer, phone etc are connected in DHCP via Vmbr0 without problem.
I don't know if it's PVE or OPNsensewith bad settings.
Help
root@lithium:~# ping -c3 google.com
PING google.com (216.58.213.110) 56(84) bytes of data.
64 bytes from sof04s03-in-f14.1e100.net (216.58.213.110): icmp_seq=1 ttl=117 time=35.6 ms
64 bytes from lhr25s02-in-f110.1e100.net (216.58.213.110): icmp_seq=2 ttl=117 time=35.3 ms
64 bytes from sof04s03-in-f14.1e100.net (216.58.213.110): icmp_seq=3 ttl=117 time=35.7 ms
--- google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 35.293/35.538/35.689/0.175 ms
root@lithium:~# curl https://ipleak.net/json/
curl: (28) Failed to connect to ipleak.net port 443 after 135153 ms: Couldn't connect to server
For apt update same probleme.
My architecture:
PVE with OPNsense VM.
LAN on Vmbr0
This computer, phone etc are connected in DHCP via Vmbr0 without problem.
I don't know if it's PVE or OPNsensewith bad settings.
Help
#9
General Discussion / Re: multi-wan with one via wireguard
November 18, 2024, 02:12:32 PM
Nearly Magic. For work it's enough!
I have also on the remote server on jellyfin server.
If I am connected from external or use IP 10.2.1.14 , everything ok.
If I connect via reverse proxy on my router, the video stuck.
I can say internet quite slow when I use wireguard VPN. I run a speed test and everythings looks good. it's just video or download mail, connect to one drive.
I have also on the remote server on jellyfin server.
If I am connected from external or use IP 10.2.1.14 , everything ok.
If I connect via reverse proxy on my router, the video stuck.
I can say internet quite slow when I use wireguard VPN. I run a speed test and everythings looks good. it's just video or download mail, connect to one drive.
#10
General Discussion / Re: multi-wan with one via wireguard
November 18, 2024, 06:15:53 AM
I just put in dhcp lease the remote routeur... Magic
#11
General Discussion / Re: multi-wan with one via wireguard
November 17, 2024, 04:08:44 PM
Now it's. Don't ask me why but it's work.
I have DNS leak and I would like to fixe that ( and without kill switch if possible)
I have DNS leak and I would like to fixe that ( and without kill switch if possible)
#12
General Discussion / Re: multi-wan with one via wireguard
November 15, 2024, 04:04:46 PM
For other client I connect them to the same wireguard instance and it's work.
I configure the outbound like say, I configure rules, I configure gateway. I think I configure something wrong but what?
I dont understand the principe of Outbound, what is it ?
I configure the outbound like say, I configure rules, I configure gateway. I think I configure something wrong but what?
I dont understand the principe of Outbound, what is it ?
#13
French - Français / [Solved] Re: Dynamic IP
November 15, 2024, 12:03:00 PM
Juste pour info, c' etait un problème de gateway
#14
Virtual private networks / Re: Using WireGuard with VPS for game server
November 08, 2024, 06:07:17 AM
I have quite similar problem.
I am connected to another opnsene and I would like to reach internet via opnsense -> WG -> opnsense -> internet.
I can connect to remote LAN but impossible to go outside.
I am connected to another opnsene and I would like to reach internet via opnsense -> WG -> opnsense -> internet.
I can connect to remote LAN but impossible to go outside.
#15
General Discussion / Re: multi-wan with one via wireguard
November 08, 2024, 05:58:52 AM
No still doesn't work.
Do you have tutorial I can follow to be sure I have a good setup?
Just for information, with windows or android client I have internet, everything work. I supposed it s problem with gateway from local opnsense.
Do you have tutorial I can follow to be sure I have a good setup?
Just for information, with windows or android client I have internet, everything work. I supposed it s problem with gateway from local opnsense.
