Topics

1

19.1 Production Series / dhcp6c: No Rewriting of the config when a new interface is added

« on: April 20, 2019, 07:52:35 pm »

Can someone look at:
https://github.com/opnsense/core/issues/3406

2

19.1 Production Series / IPv6: Track Interface: Doesn't allow the full range of IPv6 Prefix id's

« on: April 09, 2019, 12:58:53 pm »

I get a /60 from ATT, which should allow prefix id's 0-15 (4 bits).  The GUI for track interface says 15 & 14 are out of bounds.

This is in addition to the problem of adding a new interface that tracks WAN *NOT* rewriting the dhcp6c_<WAN>.conf file and restarting dhcp6c.

3

19.1 Production Series / Let's Encrypt: Doesn't seem to know it's working?

« on: April 04, 2019, 03:35:59 pm »

I've got a valid LE cert on my FW, but the certifcates in the GUI show validation failed, and I can't seem to find the cronjob.

ideas?

(I force renewed from the GUI, hence the new issue date).

4

Documentation and Translation / VLAN: How to set up to get a IPv6 prefix from DHCP?

« on: April 04, 2019, 12:35:09 am »

I'm on 19.1, and have the pfatt stuff working, and my LAN gets an IPv6 prefix just fine.

I'm testing, and when I configure a VLAN on that interface and configure the subinterface the subinterface JUST gets a link-local address, and not a routable prefix out of the /60 block ATT passed me.

Does anyone have doc/faq/etc on what I might be missing?

5

19.1 Production Series / [SOLVED] DHCP: update a foreign (to OPNSense) nameserver with nsupdate/t-sig?

« on: April 02, 2019, 10:52:02 pm »

I'm coming back to OPNSense after a LONG break and was wondering if the DHCPD in current production can support doing DNS updates to a foreign (to OPNSense) DNS server (my server on a different network, using BIND 9.13.x) via an NSUPDATE type message, but using T-SIG keys?

6

17.7 Legacy Series / 6RD status?

« on: September 23, 2017, 03:39:28 am »

I'm currently back to pfSense as they correctly support ATT Fiber's 6rd IPv6.   I really(!) prefer Opnsense, but *NEED* 6RD to work.

What's the current 6rd status in Opnsense 17.7?

7

17.7 Legacy Series / ATT Fiber/IPv6/DMZ+ mode

« on: August 08, 2017, 08:01:33 pm »

I've just moved into a nice new house with ATT Fiber.  ATT'S RG (Pace 5268AC) doesn't pass IPv6 through to the DMZ+ host (will be the firewall).  It *DOES* however allow IPV6 to other devices connected to it's own switch.

Should I be able to route IPv6 from another interface to my LAN and do Firewall stuff?  My suspicion is YES, but I'm not near it right now.

Basically the setup:
                                                    +--->WAN port on OPNSENSE (IPv4/DMZ+)----+
ATTONT->ONT PORT on 5268AC ---|                                                                     |----> LAN port on OPNSENSE
                                                    +--->OPT1 port on OPNSENSE (IPv6/DHCPv4) .+ 

Would this allow me to have dual stacked hosts on the LAN ?

8

Development and Code Review / [RFE] add traffic per rule in the GUI

« on: January 22, 2017, 05:59:18 pm »

I'm a convert from pfSense.  One of the nice things they have in their GUI is the traffic (pkts/bytes) PER RULE in
the rules list.

This is useful to see if the rules are working.

Any chance in a future release of getting something like that?