Messages

Hello Abdullah,

during the debuging process, to look after what happens, i checked all the IP i used to test the inbound access thru GeoIP.
There was an Orange 5G, Proximus 5G, Proximus home VDSL, Colt pro VDSL and Proximus explore pro Fiber.
All that IP where in your database (thru the website) and correctly BE flagged.

But as i said, the txt file present in the OPNsense repository (there was also an MD5 file, so i'm aware there is an integrity verification) contains only a few amount of V4 IP, but a bunch of V6.

Here's again the copy of the mentioned file : https://uploadnow.io/f/Qzn9R5G

I used the python script to force again downloading, and the file was still the same.

I don't know why when i created a new list in the OPNsense aliases, the content tuned ok.

Hello Abdullah,

As others explained, it was concerning a bunch of IP address. And in my case, testing a lot of Belgian (verified) IP address from different providers.
I don't know if it was OPNsense parsing method or the CSV file corrupted. But there was a serious issue.
File was not complete. As i said, for exemple in Belgium, ip range was limited to the 5.x.x.x
We solved the issue by creating a new white liste in our appliance.

Then go to "Firewall - Aliases" and create a new alias that contains Belgium.
After saving and apply, go to "Firewall - Diagnostics - Aliases" and check the contents of the alias you just created.

I just did it, and the problem was solved ! Thank you for your help.

I thing robvdw was right, there was an issue at ipinfo yesterday.

I've asked IPinfo to take a look. Also make sure the maximum table entries value is not too small.


Cheers,
Franco

Of course, i'm only at 3%

Maxmind or IPinfo? Anyway, this is not an opnsense issue :( It must be reported to the provider.

I already get in touch with Robert at Decisio about that specific issue.

I downloaded the Belgian white liste, it contains almost only IP V6.
Only some V4, but as the list is in alphanumerical order, i can see, nothing more after 5.x.x.x is listed ...

Take a look : https://uploadnow.io/f/Qzn9R5G

Hello, i'm on 25.10.1_2 business Version.
Today, a road warrior user told me he can't connect anymore to VPN server.
I tried on cellular with the same issue.
I found the problem. It's GeoIP. I only give access to Belgian IP (BE). When disabled, it works again.
The geoip database was updated about 15 minutes ago. In the alias IP list (diagnostic/alias) i cannot found any of my belgian (verified) IP adsresses.
I temporary add a whitelist for my user to let him work. But he's behind a dynamic IP internet connexion. I will add his new IP when change.
Does anyone know if the provider of the business GeoIP list has an issue today ?

Hello,

Hope my question wasn't already asked, but i didn't found any exact situation.

I have 3 ISP connected, each monitored to a DNS IP (8.8.8.8/1.1.1.1/1.0.0.1)
Failover is working fine. But i'd like to receive and email when each connection goes down and when it goes up again.

The default gateway alert in the monit service settings only notify me when one is going down. If an other one is going down, i didn't received information. Of course, in this case, one connection is still available to send out the e-mail.

Is there anybody found a suitable option to monitor this crucial information ?