Topics

1

22.7 Production Series / Small Cosmetic Bug, Device Hostname

« on: August 11, 2022, 11:21:33 am »

Hi, this is an old yet small cosmetic bug, in some pages the device name or hostname isn't displaying properly when it contain spaces, looks like some users like to name their network devices with spaces which difficult the device identity initially, since this hasn't been fixed yet just posted as reminder.

For example the "dhcpd.leases" are showing client-hostname correctly but somehow not being parsed properly.

Example images:

2

General Discussion / [SOLVED]Access Point(AP) web access between LAN and OPT

« on: August 09, 2022, 07:49:41 am »

Hello, only have basic knowledge here regarding networking/firewall in general so I think this is the best forum section for asking such question/help, really sorry if should be in another sub forum.

I've recently switched from a basic OPNsense setup with just WAN + LAN, to WAN + LAN + OPT to have two routes, main one for my home LAB and secondary one for the rest of the house locations, since then I've been struggling trying to access from my workstation(192.168.1.200) the Access Point's located on the secondary route(192.168.2.1), I've followed several OPNsense how-to's around the net and read the OPNsense online manual but I was unsuccessful.

So the question is what should be the best way to do this, through NAT-Port-Forward, Firewall-Rule(s) or through Routing, also since an illustration can say a lot of things I will post an image of my setup for convenience.

Wanted scenario:
Gbe Client Admin want to access the Access Point's 192.168.2.10 and and 192.168.2.11 Web Interface, pretty sure after setting up access for one I will know how to do this for the rest, also 192.168.1.200 can ping OPT 192.168.2.1.

System specs:
OPNsense 22.7_4-amd64
FreeBSD 13.1-RELEASE
OpenSSL 1.1.1q 5 Jul 2022
CPU: i5-2390T
RAM: 8GB
Disk: 2.5" HDD/RootOnZFS

Setup diagram:

3

20.1 Legacy Series / ZFS Installer Test Help

« on: March 08, 2020, 07:43:58 am »

Hello, In response to this now old thread

I've been a bit busy lately hence can't responded in time on the previous old thread.

However had some time and made a "fast draft" update to the opnsense.sh developed by franco in hope to get some feedback about the ZFS installation process/functionality, it currently supports ISO files only as the source media in this test installer, but will fully support USB installers as well based on the testing feedback.

I've currently tested only on GPT/UFS and GPT/ZFS and seems to work well here, though I've only focused in the ZFS filesystem and more testing is much welcome.

Small video showing bsdinstaller working HERE

Testing sources can be found HERE

The current proposal does copy the files freshly from the source media, and does not requires for the live media to carry the base.txt etc. tarballs files, keeping the same size for convenience.

P.S. Note that the file copying process does not have a percentage gauge yet. 

Regards

4

19.7 Legacy Series / OPNsense built-in ZFS Installer Ideas

« on: December 07, 2019, 10:25:53 pm »

Hello, I'm really sorry for posting a another thread about this topic, however since I posted in an already Legacy product thread, it may worth to just point for it instead of duplicating.

Here are some ideas, test files for a simple built-in OPNsense ZFS installer, actually the "bsdinstall" route is the best approach in my personal opinion, though there are several ways to accomplish this eventually.

Regards

5

General Discussion / [Solved]Port forward behind ISP Router

« on: June 26, 2018, 07:34:28 pm »

Hi, since I've tried numerous how-to also can't search for solution yet, I decided to starting a new thread in hope someone in the same boat with solution can bring some light.

I'm having a very hard time trying to get a simple web server to be accessible outside my network(for testing purposes) through No-IP/Port forward, I will post brief setup of my current network in hope to get some advice if I am doing something wrong on my end, before I consider to call my ISP in which is very slow wen it comes to customer support unfortunately.

Lets start with my setup and what I'm trying to accomplish for reference, my setup is as follow:

           ISP/Locked                        Router/DHCP                WiFi/AP/Bridge            Switch/Unmanaged            Wired
[Ubiquiti Wireless Radio]----->[OPNsense 18.1.10]----->[Netis WF2419]----->[ PowerConnect 2808]----->[Clients]

HERE is an image of the above network setup/diagram.

My Web server in question is a simple Apache server running on my FreeBSD file server and currently accessible locally with the IP: 192.168.1.xxx:8080, OPNsense is handling all the Unbound DNS, DHCP and DDNS with my No-IP account, the DynDNS plugin is currently working and cached my outside WAN IP address and is reflected in the No-IP website as expected, now the odds are coming.

I configured port forwarding for the Apache IP/port as follows:

<Source>
[IF=WAN]--[Proto=TCP]--[Address=*]--[Ports=*]

<Destination>
[Address=LAN Address]--[Ports=*]

<NAT>
[NAT=192.168.1.xxx]--[Ports=8080]

My DNS Servers are as follow:
#1: 208.67.222.222
#2: 208.67.220.220
#3: 192.168.1.1

Allow DNS server list to be overridden = Unchecked
Do not use the DNS Forwarder/Resolver = Unchecked

A further test I performed under Windows "nslookup" returned also the following:
> myhostname.ddns.net
Server:  opnsense.localdomain
Address:  192.168.1.1

Non-authoritative answer:
Name:    myhostname.ddns.net
Address:  104.238.xxx.xxx (WAN IP)
>

Overall with this setup, I can access my specified "myhostname.ddns.net" and I'm redirected to external WAN which is working fine, but the port forward is not redirecting to internal Apache target IP/port for some reasons, in either default port 80 nor with 8080 etc, additionally every port tester I've used say Port not open and others say Connection refused. 

I really apologize for my rather messy post and I hope to get some advice from experienced OPNsense users regarding port forward behind a locked ISP router, oh and really sorry for my English.

Regards