Topics

1

General Discussion / IP SEC, there is no traffic between the two networks

« on: October 07, 2019, 02:53:59 pm »

Good morning,
 
I have configured a point-to-point tunnel following this guide:  https://docs.opnsense.org/manual/how-tos/ipsec-s2s-route.html

The problem is that the vpn tunnel is successfully established, but I have no data traffic between one site (LAN1   192.168.1.x) and the other (LAN 2 192.168.3.X).


Any idea how I can allow traffic?

All Firewall rules (WAN and IPSEC interfaces) are configured on both sides.

I think it's a route problem, but I can't find the solution.


Thanks

2

General Discussion / Open ports openvpn (Road warrior)

« on: June 07, 2018, 03:02:28 pm »

Good afternoon,

On my opnsense device, I have configured a VPN for a user that connects externally. On other occasions, the vpn has worked perfectly for me.

Now I find myself, that I can not connect from outside (It's a new router).

-If I ping the public IP, I get an answer.
-If I realize a telnet to the public ip, with the port 1194, I do not obtain result.

The difference is that this new router has no DMZ, that is, I have to open the ports (NAT) in the router to point to the IP WAN of the opnsense, and the opnsense made a second NAT in the OPNsense device so that can access the local network. If I do it with an RDP protocol, I can connect.

RDP: PUBLIC IP: 9898 ---> (ROUTER) ---> WAN IP OPNSENSE ----> LAN DEVICE - WORKS ---

If I do it with the VPN port, it does not work.

I suspect that the problem lies in the fact that I need to open a port other than 1194.
Can somebody help me?

Thank you. 

3

General Discussion / Ip static in OpenVpn client

« on: March 15, 2018, 09:07:30 am »

Good Morning,
I have an OpenVpn server enabled.

I do not need to assign a specific IP to the clients that connect via road warrior VPN (network 10.10.10.X). Is it possible to do a Mac-IP relationship so that the same computer always gets the same ip from the VPN server?

Thanks

4

General Discussion / Problems loading a specific webpage

« on: May 25, 2017, 10:22:25 am »

Good Morning,

For some time, when I visited the website of the Catalonian education department, the web does not load correctly, it seems as if some of the images do not load correctly. The problem only appears in a specific page of the department: http://educacio.gencat.cat/portal/page/portal/Educacio/PCentrePrivat/PCPInici#contenido

On an earlier occasion the same thing happened to me, I reinstalled Opnsense and the problem seemed solved, but it has happened again.

I have activated the web proxy, and disabled the cache, but the network in which the computer is located has excluded the pass through the web proxy.

Thanks!

5

General Discussion / Problems sending emails

« on: March 01, 2017, 12:26:04 pm »

Good morning,
I have done a basic installation of Opensense in my office.
I encounter the problem that when I send mails through Outlook, if the mail has an attachment (attachments of less than 2 MB) Outlook will remain loading for 3-4 minutes and finally send the mail.
If the email does not contain attachments, it is sent instantly.
This problem occurs with multiple accounts (Exchange, Imap, and Pop3).

Without opnsense, everything works correctly.

Any idea what it can be?

6

General Discussion / Clone sd card to a larger one

« on: February 23, 2017, 01:39:25 pm »

Good morning,

I have an Opensense installed on an 8GB SD card.
I ran out of space, and I cloned the card to a 32 GB SD.

I use the Win32DiskImager application. I've cloned the card, but it still recognizes the 8 GB. I'm afraid I have to move the size of partitions. With gparted of ubuntu (for its easy graphic environment) it does not recognize the file system. Is there any way to be able to,simple , go from an 8GB card to a 32 GB card?

Thank you so much,

Greetings.

7

General Discussion / Run shell script

« on: February 16, 2017, 01:42:47 pm »

Good afternoon,

I need to install the following script, to achieve the monitoring of my opnsense through "TrueSight Pulse".

I tried to run the script, but I do not go out with the installation.
I find the following message:
bash: No such file or directory

The script is:

curl -fsS -d '{"token":"XXXXXXXXXXXXXXXXXXX"}' -H 'Content-Type: application/json' https://meter.truesight.bmc.com/setup_meter > setup_meter.sh && chmod +x setup_meter.sh && ./setup_meter.sh


Could you help me?

Thanks!

8

General Discussion / OpnSense Notification List

« on: February 09, 2017, 01:14:29 pm »

Good Morning,

I have configured the alerts to be sent by Growl.
The alert test comes to me correctly.

Can someone give me the list of alerts that can be received by growl? (System, Login, etc.)

Is there any option to customize notifications?


Thank you so much.

9

General Discussion / Windows command line ftp upload

« on: January 24, 2017, 01:42:27 pm »

Good morning,

I have replaced my old firewall with an Opnsense firewall.
I run through a script, a massive upload of txt files to an ftp server.

With the old firewall there were no problems running the script.
With Opensense, I find that it creates the txt files, but without content (all white). Reviewing the logs, I find the error: illegal port command.

With filezilla or other ftp clients works correctly. Only occurs via command line
I have created a firewall rule to allow the entire pass from the local server source to the remote FTP server, but I still have the same problem.

Can someone give me an idea how to correct my problem?

Thank you so much!

10

General Discussion / Problem with Spamhaus rules

« on: January 20, 2017, 06:32:57 pm »

Good Morning,
I am trying to apply the antispam functionality with Spamhaus's "drop" and "edrop" listings. Following the docu-wiki, I created the rule on both the Wan interface and the Lan interface.

I keep getting a lot of SPAM (if no apparent improvement).

A spam mail that I have received, I have resolved the IP of the mail domain. With the Ip, I did a search on the Spamhause website, and it appears as a blocked email address in the "DBL" list. In the drop list and edrop does not appear this IP, for this reason, I think it does not block it.

Is there an effective way to stop spam?

Thank you so much.