Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Topics - cardins2u

Pages: [1] 2

21.1 Legacy Series / IPV6 vLAN - Untagged gets all the vLAN IPv6

« on: February 28, 2021, 09:51:43 pm »

Anyone having this problem.

all my vlan are getting their 'track interface" ipv6 correctly ONLY single IPv6.

How ever Untagged vLAN (my main vlan for every esxi, vsphere, vmware, computers, home computers) all get the same all the IPv6 tagged IPv6s.

So if I sign into using my Wireless access point i get 1 x IPV6.
So if I sign into my wireless untagged I get 10+ IPv6 as many as my vlans.

Anyone has a solution to fix this?

@franco

20.7 Legacy Series / ZeroTier & OSPF

« on: May 26, 2020, 07:03:32 am »

I'm trying to learn how to setup OSPF through ZeroTier.
I'm having issues distributing routes in OSPF.

Can Someone see anything odd about this?

1.) I removed all Managed Routes on ZeroTier
2.) Plugin Installed in OPNSense FRR
3.) Routing > General > Checked Enable
4.) OSPF > Check enable
- Passive - All interface Except ZeroTier Interface
5.) Networks -> Added all networks route over ZeroTier Including ZeroTier Interface
6.) NO WORK

Anyone have a clue what I need to do? no routing table are showing up.

20.7 Legacy Series / OPNSense + WAN LTE

« on: May 21, 2020, 11:19:25 pm »

I'm working on setting up a OPNSense for RV customers.

Since they use serveral LTE devices for reliability. When you move from one area to another area you get new ip address.

WAN seem to stick on one ip addres from another city.

How can you set it so WAN renew ip of gateway pings dies?

Overview:
4 VMS
- OPNSense
- Domain Control DHCP, DNS
- 1 File Server
- Windows 10 backup

all of these are tied back using ZeroTier.

I need to find a way so that if DHCP Gateway dies. The wan try to renew/release ip address to get new ip from one location to the new location.

20.7 Legacy Series / 2 OPNSense Box Zero Tier

« on: May 21, 2020, 09:08:49 am »

I've been trying to get 2 OPNSense Zero Tier working. Anyone try it?

OPNSense1
- ZeroTier Package Installed
Configured with IP 172.24.204.2
- Interface Assigned

OPNSense2
- ZeroTier Package Installed
Configured with IP 172.24.204.2
- Interface Assigned

From OPNSense GUI I can ping each other OPNSense

BUT from
OPNSense LAN 192.168.X I cannot ping 172.24.204.2

I open all firewall

20.1 Legacy Series / IPSec PRoblems after upgrade

« on: April 25, 2020, 03:20:02 am »

I upgraded to version OPNsense 20.1.5-amd64 today and now ipsec are getting these errors.

There are 4 site to site. 1 works and the other 3 doesnt work.

the 3 that doesnt work show this error below.

2020-04-24T18:16:51   charon: 01[CFG] ignoring acquire, connection attempt pending
2020-04-24T18:16:51   charon: 01[KNL] creating acquire job for policy 96.85.x.x.x/32 === 173.16x.x.x.x.x/32 with reqid {3}
2020-04-24T18:16:46   charon: 01[NET] <con3|2> sending packet: from 96.85.xx.x.x[4500] to 173.160.xx.xx[4500] (1052 bytes)
2020-04-24T18:16:46   charon: 01[IKE] <con3|2> retransmit 4 of request with message ID 1
2020-04-24T18:16:45   charon: 01[CFG] ignoring acquire, connection attempt pending
2020-04-24T18:16:45   charon: 05[KNL] creating acquire job for policy 96.85.xx.xx3/32 === 173.16x.x.x.x/32 with reqid {3}
2020-04-24T18:16:42   charon: 05[CFG] ignoring acquire, connection attempt pending
2020-04-24T18:16:42   charon: 05[KNL] creating acquire job for policy 96.85xx.x.x32 === 173.160.1xx.x.x/32 with reqid {3}

20.1 Legacy Series / ipv6 on LAN

« on: February 02, 2020, 01:20:55 pm »

I have WAN & LAN IPv6 set to none. Some how all my internal client getting ipv6 . Tested to see if its routable by going to ipv6 website. Its not routable. How do I stop OPNSense from giving internal networks public ipv6 address?

19.7 Legacy Series / NTOPNG - Questions

« on: October 04, 2019, 03:41:15 pm »

Finally I got the time to fiddle around with NTOPNG. I'm loving it!

A few question I would like to ask.

1.) Where do you set how long the data is retention in NTOP?

2.) Can someone recommend settings for NTOPNG?

19.7 Legacy Series / Reset System > Access

« on: August 10, 2019, 05:05:24 pm »

Franco,

Is there a way to reset System > Access

I added Root to a couple of groups and now it wont let me remove it.

Also log on as root I cannot install plugin too. Anyway we can reset the System > Access without reseting everything else?

19.7 Legacy Series / IPSec - Issues

« on: July 18, 2019, 03:00:08 am »

The upgrade to 19.7 went smooth. Everything looks good so far. its functional as is.

The only issues I see is. After reboot IPSec services show as green but no ping or connections. NO SMB connections to server server across the ipsec.

Here's how I fix it every OPNSense Reboot last 10 reboots:

Every Reboot - the IPSec connection doesnt come up. you would have to go to

VPN > IPSec > Tunnel Settings > select one of the tunnel, click save > apply changes

then tunnel works again. I can access SMB on other side again. THis is no changes. Just save and apply. IPSEC works again.

Anyone can produce this?

General Discussion / NordVPN Tutorials/Instructions?

« on: December 27, 2018, 05:45:36 pm »

Anyone got NordVPN working on OPNSense? I'm trying to get it to work following PFSense tutorial. It didnt work out.

pretty please anyone?

18.7 Legacy Series / update cycle 18.7.r1 consantly

« on: July 19, 2018, 08:22:11 pm »

Franco,

I'm getting a upgrade loop.

Upgrade branch: Development

Package Name   Current Version   New Version   Required Action
opnsense   18.7.r1   N/A   obsolete
opnsense-devel   N/A   18.7.r_10   new

after clicking upgrade. It reboots and comes back with this upgrade again stating 18.7.r1 is obsolite and tries to upgrade to 18.7.r_10

18.7 Legacy Series / default vLAn

« on: July 10, 2018, 03:11:29 am »

@Franco,

So far I love OPNSense. Its my primary production router now. I'm working on implementing Direct Access and AUTOVPn feature of WIndows 2016.

It seem like 10.0.0.5 (DA) server is having problems communicating with Domain Controllers.
The rules are below.

IPv4 * LAN net * * * * Default allow LAN to any rule

When I use another router it can communicate just fine. THis points to firewall problem. All local traffic (such as traffic from 10.0.0.2 to 10.0.0.3 is going through 10.0.0.1 gateway and its being filter.

Am I doing something wrong?

17.7 Legacy Series / [Comcast] Static IPv6 - WAN [sucessful] - LAN [sucessful] unable to access inter

« on: January 19, 2018, 04:07:11 am »

After fighting around with Comcast Business IPv6 DHCP. I gave up. So I got IPv6 Static from comcast.

I was given
2603:xxxx:0b35::/56

Out if that I carved out

WAN:
2603:xxxx:0b35::1/64
* Can ping internet ipv6

LAN
2603:xxxx:0b35:1::1/64
* All PC get internal IP's address now. I can ping gateway 2603:XXXX:b35:1::1
* Cannot access internet.
Settings:
- Static IP: 2603:xxx:b35:1::1/64
- IPv6 Upstream Gateway: none
Router Advertisement: LAN - Unmanaged.

can someone point me to the right direction

Thank you!

17.7 Legacy Series / vLAN Traffic - Allow Internet, Block Inter-vLAN Routing

« on: January 18, 2018, 04:36:07 am »

I'm beginning to share my internet with my neighbors.

we have 4 neighbors that we're going to run cat6 cables directly to their house. We live back against a freeway and 4 of our house are connected to each other.

What rules do I need to:
1. Allow Internet Access
2. Block Inter-vLAN routing. (example vLAN10 can access vLAN20, But vLAN20 (guests,neighbor) cannot acess vLAN10.

all help is appreciated. Sharing your rules would help too =)......learning..

17.7 Legacy Series / (solved) New nic card

« on: January 16, 2018, 09:28:50 pm »

Is there a way to force opnsense to detect new nic card. I added an Intel compatible nic card and it's not detecting the new nic card. Is there a way we force it to detect new graphics card.

Pages: [1] 2