OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of MrCCL »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - MrCCL

Pages: [1] 2 3
1
19.7 Legacy Series / Re: OPNSense on KVM (Virtio) ?
« on: August 13, 2020, 11:23:52 pm »
Thanks for the update.
I assume you tested this on OPNsense version based on HardenedBSD 12.1, right?

2
19.1 Legacy Series / BUG: Ubound DNS crashes when assign DHCP client to static IP
« on: March 21, 2019, 02:12:28 pm »
OPNsense 19.1.4-amd64
FreeBSD 11.2-RELEASE-p9-HBSD
OpenSSL 1.0.2r 26 Feb 2019

it seems when you assign a DHCP client to a static IP and save,  Unbound DNS crashes and have to be started.
See attachments.

By the way, in general I rather often have to reload Unbound DNS because new DHCP assigned IP's are not always registered in Unbound from DHCP. I do admit I add/remove clients often and change hostnames etc (KVM test setup). In it might have been better in the few last updates.
I don't have any specific details yet, but just for common info that the sync between DHCP and Unbound doesn't seem to be rock solid.

3
General Discussion / Create cron job "run custom script"
« on: February 25, 2019, 10:37:13 pm »
Been looking at this guide to make a cron job:
https://docs.opnsense.org/development/backend/configd.html

I would like to make a job that run the script specified in the parameter field in the gui.
I've tried to create this configd file:

Code: [Select]
[start]
command:/bin/csh
parameters:-c '%s'
type:script
description:run custom script
message:run script

Restarted configd:
Code: [Select]
service configd restart
Created the job in the gui:


But it seems not to run :-( ?

4
19.1 Legacy Series / Re: There seems to be a bug in the Client export
« on: February 04, 2019, 08:57:28 pm »
Thanks :-)

Another thing that didn't work in the new "new" config file:

Code: [Select]
verify-x509-name "/C=DK/ST=CPH/L=CPH/O=MyDomain/emailAddress=xxx@domain.com/CN=FW1_SRV_CERT" subject
I had to change it back to the old format:
Code: [Select]
verify-x509-name "FW1_SRV_CERT" nameThis one is more complex. It has more dependencies so hard to say if it is bug or just a misconfiguration on my setup (although it was pretty much created by the wizard).

Now that we have the box open:
The OpenVPN Windows client gives an ugly red warning about password is cached in memory and that you should use "auth-nocache". It's my advice it is added by the exporter by default ;-)

5
19.1 Legacy Series / There seems to be a bug in the Client export
« on: February 03, 2019, 07:04:46 pm »
Error from the OpenVPN client log:
"Options error: remote: bad protocol associated with host vpn.wit.dk: 'UDP'"

In 19.1 the Client export write in the ovpn file: "remote xxx.domain.com 1194 UDP"
This must be specified in small cap letters "udp"

6
Web Proxy Filtering and Caching / Proxy user autentifikation doesnøt seem to apply for FTP proxy
« on: November 22, 2018, 01:36:32 pm »
I've setup Web Proxy with user autentifikation enabled and it work great.
But the FTP proxy  seem to be open and doesn't require the user to authenticate to the proxy which i expect it to do.

Is this by design or a bug?


7
Web Proxy Filtering and Caching / Which group-privileges are needed for Web Proxy access when using auth.?
« on: November 16, 2018, 03:15:01 pm »
Using OPNsense 18.7.7

I've enable user authentication in Web Proxy (local db) and assign my test-user to a group with privileges to:
Proxy: Login
Services: Proxy

But that doesn't seem to be enough.

I can only get it to work if I assign all the privileges :-(
Which ones do you need for Web proxy access?

Another question:
-How can I "clear"  the authentication timeout (TTL)...the minimum is 1 hour?
Trie to restart the proxy service, but it didn't "clear" it.

-In the Proxy authentication form there is something called "Authentication processes" (The total number of authenticator processes to spawn.).....can someone explain this parameter?



8
18.1 Legacy Series / Unique user-certificate is not unique on my box
« on: June 14, 2018, 01:30:52 am »
My OpenVPN server config is set to "Server Mode = Remote Access (SSL/TLS + User Auth )".
I've created user-certificate for every user and made a Client Export for every user (Archive file with 3 files .key,.p12 & config file).
Each user also have a unique password. I'm not using TOTP.
But I can switch the .p12 file between the users on the clients and they can still establish a VPN connection to the server using another users .p12 file.
I thought the file was "paired" to the specific user?

9
18.1 Legacy Series / Re: How to start the installer script from the DVD iso image?
« on: June 14, 2018, 01:14:18 am »
I admit it's described on the page several places, sorry for that.
But I just didn't understand the meaning of if. Even though the formulation and grammatical is absolutely 100% correct, it just didn't make sense to me at that time. Partly because of the duplicated naming "installer" and partly because I would never expect it would be executed depending on a user-login.

But there will always be people who don't understand a guide, no matter how good it is, I guess this time I was one of them, damn! :-P


10
Hardware and Performance / Re: Hardware requirements / support
« on: June 13, 2018, 10:33:55 am »
I'm running it as VM on KVM, that's why ressources matter more than on physical hardware.

11
Hardware and Performance / Re: Hardware requirements / support
« on: June 13, 2018, 09:21:43 am »
I really don't get the "official" hardware requirement (https://wiki.opnsense.org/manual/hardware.html)

I just made a harddisk installation of 18.1:
Mem usage: 147MB
HDD usage: 1,3G

40G of HDD??? I assume that is only if you need to save A LOT of log data, right?


12
18.1 Legacy Series / Re: How to start the installer script from the DVD iso image?
« on: June 13, 2018, 08:45:40 am »
What a supprise! Login with "installer" sure does execute the installation program using the live DVD iso image.
franco: It would be nice it that was more clear on the https://docs.opnsense.org/manual/install.html page ;-)

13
18.1 Legacy Series / Re: How to start the installer script from the DVD iso image?
« on: June 12, 2018, 11:19:44 pm »
I still don't get it. Does the install script start if I login as "Installer"?

14
18.1 Legacy Series / Re: How to start the installer script from the DVD iso image?
« on: June 12, 2018, 08:29:31 pm »
The install page ( https://docs.opnsense.org/manual/install.html) says:

15
18.1 Legacy Series / How to start the installer script from the DVD iso image?
« on: June 12, 2018, 08:26:25 pm »
I'm installing OPNsense as virtual on KVM and want to use "OPNsense-18.1.6-OpenSSL-dvd-amd64.iso" as install media, but it boot into live :-(
How can I start the installer script if possible from this ISO?

Pages: [1] 2 3
OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2