Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - AC

Pages: [1] 2

19.7 Legacy Series / Re: Dynamic DNS not working for interfaces besides WAN (IPv4 only)

« on: October 23, 2019, 08:32:55 am »

Same to me. I have 3 DSL connections. But now my Provider told me that he cuts one of them off. Like always, it's the connection I'm hosting most services like my VPN's...

Now I wanted to use Dynamic DNS so that my VPN devices would connect to a DNS Name rather than directly to an IP. So I can change the connections behind hosted services by just changing the ip at my DNS Provider. Well... the Firewall could do that, but doesn't..

German - Deutsch / Re: 19.1.1 PHP error Firmware und plugins

« on: February 26, 2019, 02:00:26 pm »

Hier desselbe

Lösung:
Ich habe ein bisschen in den Updatemirror-Einstellungen rumgespielt. Andere Mirrors getestet, bin dann zu Firmwareflavor LibreSSL gewechselt und hab nach Updates suchen lassen. Es wurden welche gefunden und ich hab einfach oben rechts den Upgrade Now gedrückt.

18.7 Legacy Series / Re: Kernel panic when unplugging WAN network interface

« on: January 09, 2019, 01:54:08 pm »

Ok. That where the options that caused trouble at our company. I don't know where the problem comes from. I see a "page fault" in this message. Maybe you run a memtest on that device, just to confirm that the RAM is ok.

Maybe you could run a tcpdump over SSH while disconnection an interface, so you see that behavior.

stack pointer, frame pointer... sorry. That's where I'm out. $:-\$

18.7 Legacy Series / Re: Kernel panic when unplugging WAN network interface

« on: January 09, 2019, 09:31:18 am »

(Firewall->Settings->Advanced

Try with

unchecked:
"Kill states"
"Bind states to Interface"

checked should be:
"Use sticky Connection" (with MultiWAN)
"Shared forwarding"
"Gateway switching"

18.7 Legacy Series / Re: Kernel panic when unplugging WAN network interface

« on: January 08, 2019, 03:08:48 pm »

I had that kind of Problem too.
Do you have the "Kill states" option enabled? (Firewall->Settings->Advanced-> Gateway Monitoring)

Intrusion Detection and Prevention / Re: Feature request: use of suricata 'ignoring traffic' features

« on: April 04, 2018, 07:45:10 am »

I'm interessted in this as well. In pfsense you can make supress lists to exclude special hosts from a rule. Now I just can deactivate the whole rule for my whole network if it's blocking traffic to just one host.

I think that's an important enterprise feature because I have some hosts in my company network that use some kind of java application, but suricata blocked that, so I deactivated the whole rule, exposing all other clients to that particular "attack".

I've seen the feature was proposed for 18.7 but now it changed to no version... I'm really waiting for this. It makes no sense for me to buy the ET-Pro-Ruleset if I have to deactivate one whole rule just because one client triggered it as false positiv. $:-\$

18.1 Legacy Series / Re: OPNsense panics in my multiwan setup

« on: April 03, 2018, 09:13:33 am »

Interresting Thread!
Seems that I have a similar problem here. If I physically disconnect one of my two PPoE the system goes immediately into reboot.
I configured my system like elektroinside and have shared forwarding enabled.

I will test without shared forwarding

German - Deutsch / Re: How to "ESET ICAP" - Brainstorming

« on: March 21, 2018, 08:18:03 am »

Was spricht denn gegen den Kaspersky?

Gute Performance, gute Erkennungraten.

Unterstützung für Cent-Os 7 ist: https://support.kaspersky.com/13200
Das Kaspersky squid v3.1.6 nicht unterstützt, liegt wohl einfach an dem Bug den squid in dieser einen Version hat, der ab squid v3.1.7 gefixt ist, was wohl seit 2010 der fall ist, wenn ich den Bugreport aufmache: https://bugs.squid-cache.org/show_bug.cgi?id=3011
Aktuell hab ich squid v3.5.x auf meinem 64 bit Ubuntu 16.04

PS: Kaspersky Anti-Virus 5.5 for Proxy Server ist ein eigenes Produkt. Im Grunde der Linux AV mit ICAP Protkoll.

Hier nochmal die Systemvorraussetzungen: Beachte, CentOS 5.7 und 6.2 tauchen unter der 32 bit Spalte auf, CentOS 7 bei der 64 bit Spalte
https://support.kaspersky.com/proxy5?level=3#requirements

German - Deutsch / Re: How to "ESET ICAP" - Brainstorming

« on: March 20, 2018, 04:01:55 pm »

Hallo Leute,
weil der Proxy der Opnsense kein MultiWan kann, haben wir den Proxy sowieso vorgelagert in eine LinuxVM. Darauf hatte ich den squid aus den ubuntu 16.04 repos installiert und den kaspersky dazu. Das ist der blanke Antivirus (Kein InternetSecurity Marketing-Mist), heißt: die reine Engine. Die Karre wird "for Proxies" heißen, weil das Ding die ICAP Schnittstelle mitbringt.
Wir setzen hier schon den Eset auf den Clients ein (das neue Management ist nicht so knorke) aber die Engine läuft sehr gut. Weil der auf den Clients läuft, kommt der mir nicht auf den Proxy

German - Deutsch / Re: How to "ESET ICAP" - Brainstorming

« on: March 19, 2018, 03:28:22 pm »

Es gibt noch den https://www.kaspersky.de/small-to-medium-business-security/proxy-server
Ist recht einfach:
Auf Linux installieren (genau nach Anleitung) und dann mittels beider URL's anbinden, wie steht auch in der Doku vom Kaspersky Proxy Server.

18.1 Legacy Series / Re: 18.1.3 release

« on: March 06, 2018, 09:37:58 am »

Will the Firewall reboot after that upgrade?

That information would be placed well in the changelog.

With that info I can upgrade the Firewall during my work-time or I need to plan it for later that day.

Intrusion Detection and Prevention / Re: Feature request: use of suricata 'ignoring traffic' features

« on: January 26, 2018, 07:08:21 am »

And one more

17.7 Legacy Series / Re: Gateway switching problems

« on: January 15, 2018, 02:50:39 pm »

Found that error.

I bound the internal DNS Server on System -> Settings -> General to one of my aDSL-connection.

Removed that and ticked "Allow DNS server list to be overridden by DHCP/PPP on WAN"

No more problems

17.7 Legacy Series / Re: Gateway switching problems

« on: January 11, 2018, 06:34:34 pm »

Now I know where it comes from. Seems to be one of my DSL Connections.

I need to totally disable the whole interface in "Interfaces". This connection DSL02 was my default Gateway and experienced some error (don't know - still searching). When that happens, nothing helps:
I promoted my DSL01 connect as default Gateway.
I turned the DLS02 Gateway off.
Tried to restart apinger.

Turned my Interface DSL02 off and the packets flow again.

Is there a logfile where i can see errors on my interfaces?

17.7 Legacy Series / Gateway switching problems

« on: January 10, 2018, 08:43:26 am »

Hey Folks

i experience a strange behavior and I'm a little bit helpless with that.

I'm routing to different Networks with multi-wan. DNS is routed to two DSL connections AND a special Network where the parent DNS Server is in. I configured the three Interfaces as GatewayGroup_DNS.

Everything worked fine - but about once a day, only my DNS routing does stop working. I can't ping or lookup DNS Servernames but i can ping IP's in every net through every interface connected.

The strange thing is, when this happens, I also can't ping the opensenseFirewall Gateway but only from my DNS-Servers! Every Client can ping the Firewall! Also, when I'm using the parent DNS Server in my Client directly, DNS will work for that Client.

I'm not using any DNS Service from the Firewall - just routing DNS from my Servers to the GatewayGroup_DNS.

No IDS used! No DNS-Service from opnsense. DNS Server seem to get blocked after some hours!

Reboot helps...

Pages: [1] 2