Topics

1

17.7 Legacy Series / Transparent Firewall setup?

« on: November 28, 2017, 11:46:58 pm »

I have a new deployment that I need to install an inline firewall/url blocker with no NAT, traffic shaping or routing of any type (Transparent Firewall/bridge/???).  I would like to use OPNSense and after doing some research believe I need to follow this guide:

https://docs.opnsense.org/manual/how-tos/transparent_bridge.html

I don't want to make any changes to the clients if I can, I need to use the current device as the gateway/router/dhcp/etc...  and only want to add an additional layer of protection.  Thank you all in advance and any help will be greatly appreciated.

2

17.1 Legacy Series / firewall alerts

« on: July 25, 2017, 10:10:15 pm »

Hello all, a little while back I had to reinstall OPNSense after a power strike where my backed up settings would restore.  I had pretty good notes on the changes I made so I think I'm back to where I was before the power strike except one thing.  I'm getting constant connection attempts to my PLEX box and a few other things.  2-3K a week.  I notice these b/c I have a Cujo and Rattrap security appliances as a "sanity check" and an additional layer of protection (typically I just run Rattrap inline from the OPNSense LAN port that goes to my HP Switch).   

Prior to reinstalling I was getting zero notifications of these types b/c they were being blocked by OPNSense.  I have gone over everything ten times and I can't figure out what I'm missing (didn't enable or setup) to have OPNSense automatically block these connection attempts.  I have IPS/IDS turned on, UPnP turned off, etc...

Anyway, if anyone has some suggestions I would greatly appreciate it.  Thank you in advance!

3

17.1 Legacy Series / power outage set OPNSense back to defaults booting in LIVECD Mode

« on: June 21, 2017, 06:13:33 am »

hello, just had a long power outage while I was out of the house, of course, the UPS decided to die in the middle of it bringing down my OPNSense box. When I rebooted it was booting up in LIVE CD mode and even after I restored the last backup it would just boot in LIVE CD Mode.  I know I can just run the installer but I would prefer to not have to loose all my settings.  Any help will be greatly appreciated.

4

17.1 Legacy Series / Unable to browse HTTPS sites via Wifi

« on: May 16, 2017, 07:25:45 pm »

I'm not exactly sure when this started but sometime recently I have been unable to access HTTPS websites if I browse using Wifi on my home network.  They work fine if I'm on a wired PC and I know for sure that about a month ago this was working fine.  Other then updating the FW I haven't made any changes (and I typically log those changes in my log book so I can revert them if needed).

Just thought I would post here to see if anyone had any advice.  Thank you

5

General Discussion / OPNsense and OpenVPN (AirVPN) setup

« on: March 30, 2017, 12:19:19 am »

Hello all,

anyone have a good updated guide on how to configure a VPN services (in my case AirVPN) with OPNsense?  I tried something like this when I was on pfSense/PIA but I made a hash of it since the UI had been updated but the guide had not been.

Thank you in advance

6

17.1 Legacy Series / ERR_CONNECTION_TIMED_OUT

« on: March 16, 2017, 01:28:35 am »

I'm hoping someone can help with this.  Every now and then I will get on one of my PC's and a certain number of websites will fail to load.  I get the ERR_CONNECTION_TIMED_OUT message.  It seems random and it's not just PC or browser based b/c it will occur across multiple browsers and PCs.  I'm thinking it has something to do with the network/firewall.  I saw this behavior in pfSense also.  It almost seems like if I wait and reload long enough most if not all the websites will start loading.  Much more rarely a page will partially load.

I've looked at the logs but since I don't know what I'm supposed to be looking for I didn't see anything that stood out as a possible culprit. 

EDIT:  I do get DNS resolution to the websites and most do reply back to pings.  Flushing the DNS on the PC's doesn't do anything and for whatever reasons rebooting OPNsense doesn't seem to help at all.  BUT If I shut it down and leave it off for a few minutes and turn it back on the websites will either connect by themselves or after a few seconds on a refresh.

7

17.1 Legacy Series / [SOLVED] OPNsense +Nvidia Shield +PLEX oh my!

« on: March 12, 2017, 04:40:27 am »

Anyone here have an Nvidia Shield that they have PLEX working on?  I have PLEX server working on my PC (after entering a NAT Port forward) but when I put it up on Nvidia Shield it can't be found by anything on the network the outside world.  I even enabled UPNP to no avail.

8

17.1 Legacy Series / [SOLVED] Dynamic DNS UI?

« on: March 08, 2017, 02:40:15 am »

Hello,

I need to setup my dynu ddns so I can update my IP.  I searched around and did not see anything mentioned.  Is the a UI way to manage your dynamic DNS in the GUI?

Thank you

9

17.1 Legacy Series / [SOLVED] LiveCD mode

« on: February 27, 2017, 12:14:27 am »

Hello,

I'm not sure WTF happened but I thought I had installed OPNsense but it turns out I'm running in LiveCD mode.  I have everything setup and working and I just want to confirm that there is no way to get this installed using the current settings.  I took a backup and I figured worst case i'll have to reinstall and get it running on SSD then restore the settings unless there is a better way .

Thank you

10

17.1 Legacy Series / [SOLVED] 16.7.14 installed but Firmware states "no updates available"

« on: February 05, 2017, 07:48:05 pm »

Hello everyone,

I had this big post about how I had upgraded from 16.7 to 17.1 but OPNSense still showed 16.7 installed on a Jessie minimal installed on ESXi 6.0u2 VM.  But before I posted I had a cup of coffee and ran through the process again and this time properly read the instructions (type "17.1" not just "yes" at the install prompt).

Well it's amazing the results you get when you follow the instructions properly.  16.7.3 upgraded to 17.1 with no issues so far.

Whitebox ESXi 6.0U2 Server
Supermicro MBD-X8DT6-F-ISO18 Motherboard
Dual L5640 CPU
96GB of ECC RAM
4 Cores
4GB RAM (will reprovision with 8GB)
16GB of 40GB SSD space Thin Provisioned
2 E1000 NICS (figuring it out how to change this but it upgraded just fine)