Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Topics - cnu80

Pages: [1]

General Discussion / monit and configctl

« on: April 17, 2022, 09:20:42 am »

Hi, is it possible to use monit with configctl?
I have problems with my WAN Interface when my provider is changing the public IP. I have to reboot or disable and enable the WAN interface to get opnsense connected again.

Now I tried to configure monit with configtl and following commands to "restart" the WAN Interface

Start Service:

Code: [Select]

/usr/local/sbin/configctl interface reconfigure vtnet1; /usr/local/sbin/configctl interface linkup start vtnet1Stop Service:

Code: [Select]

/usr/local/sbin/configctl interface linkup stop vtnet1
When I manually execute the command, the WAN Interface is online again, via monit it does not work. I can see in the log file, that monit ist executing the commands, but nothing happens.

Logfile from monit:

Code: [Select]

<30>1 2022-04-16T10:48:18+02:00 xx.xx.at monit 58983 - [meta sequenceId="8"] 'wan_check' stop: '/usr/local/sbin/configctl interface linkup stop vtnet1'
<30>1 2022-04-16T10:48:19+02:00 xx.xx.at monit 58983 - [meta sequenceId="9"] 'wan_check' start: '/usr/local/sbin/configctl interface reconfigure vtnet1; /usr/local/sbin/configctl interface linkup start vtnet1'
<28>1 2022-04-16T10:50:19+02:00 xx.xx.at monit 58983 - [meta sequenceId="1"] Ping request for 8.8.8.8 1/5 failed -- No route to host
<28>1 2022-04-16T10:50:19+02:00 xx.xx.at monit 58983 - [meta sequenceId="2"] Ping request for 8.8.8.8 2/5 failed -- No route to host
<28>1 2022-04-16T10:50:19+02:00 xx.xx.at monit 58983 - [meta sequenceId="3"] Ping request for 8.8.8.8 3/5 failed -- No route to host
<28>1 2022-04-16T10:50:19+02:00 xx.xx.at monit 58983 - [meta sequenceId="4"] Ping request for 8.8.8.8 4/5 failed -- No route to host
<27>1 2022-04-16T10:50:19+02:00 xx.xx.at monit 58983 - [meta sequenceId="5"] Ping request for 8.8.8.8 5/5 failed -- No route to host
<27>1 2022-04-16T10:50:19+02:00 xx.xx.at monit 58983 - [meta sequenceId="6"] 'wan_check' ping test failed
<30>1 2022-04-16T10:50:19+02:00 xx.xx.at monit 58983 - [meta sequenceId="7"] 'wan_check' trying to restart
<30>1 2022-04-16T10:50:19+02:00 xx.xx.at monit 58983 - [meta sequenceId="8"] 'wan_check' stop: '/usr/local/sbin/configctl interface linkup stop vtnet1'
<30>1 2022-04-16T10:50:20+02:00 xx.xx.at monit 58983 - [meta sequenceId="9"] 'wan_check' start: '/usr/local/sbin/configctl interface reconfigure vtnet1; /usr/local/sbin/configctl interface linkup start vtnet1'
<28>1 2022-04-16T10:52:20+02:00 xx.xx.at monit 58983 - [meta sequenceId="1"] Ping request for 8.8.8.8 1/5 failed -- No route to host
<28>1 2022-04-16T10:52:20+02:00 xx.xx.at monit 58983 - [meta sequenceId="2"] Ping request for 8.8.8.8 2/5 failed -- No route to host
<28>1 2022-04-16T10:52:20+02:00 xx.xx.at monit 58983 - [meta sequenceId="3"] Ping request for 8.8.8.8 3/5 failed -- No route to host
<28>1 2022-04-16T10:52:20+02:00 xx.xx.at monit 58983 - [meta sequenceId="4"] Ping request for 8.8.8.8 4/5 failed -- No route to host
<27>1 2022-04-16T10:52:20+02:00 xx.xx.at monit 58983 - [meta sequenceId="5"] Ping request for 8.8.8.8 5/5 failed -- No route to host
<27>1 2022-04-16T10:52:20+02:00  monit 58983 - [meta sequenceId="6"] 'wan_check' ping test failed
<30>1 2022-04-16T10:52:20+02:00 xx.xx.at monit 58983 - [meta sequenceId="7"] 'wan_check' trying to restart

Is it a permissions or environment problem ?!

17.1 Legacy Series / dynamic public ip / default gateway offline

« on: March 08, 2017, 09:43:19 pm »

Hi,

my WAN-Interface is configured to dhcp to get a public IP address from my provider. I use a LTE-moden in bridge mode. I think my provider change the address every 24hours and after the public IP has changed my internet connection is broken. Opnsense switched the default gateway to offline because ping to 8.8.8.8 failed.

To get my internet connection online again I found two options:
* Reboot the complete system
* Start the script /usr/local/etc/rc.reload_interfaces

Is it possible to renew the IP address when the default GW is offline? Is there a existing function?

If not I will try to implement a script via cron.

like:

Code: [Select]

#!/bin/sh
/usr/bin/timeout 10 /sbin/ping -c4 google.com > /dev/null

if [ $? != 0 ]
then
  /usr/local/etc/rc.reload_interfaces
fi

thanks

17.1 Legacy Series / [SOLVED] Pure NAT

« on: March 08, 2017, 09:31:49 am »

Hi,

I migrated from a Ubiquiti Edgerouter to a virtual opnsense installation. Migration was successfully, edge router is powered off

. Now i configure some additional services, like DHCP, port forwarding, dyndns ....

Port forwarding works as expected (access from Internet), but from my internal LAN I cannot connect to the forwarded ports. I used following manual to configure the "Reflection NAT

https://doc.pfsense.org/index.php/Why_can%27t_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks

My setup:
* opnsense latest version
* virtual machine with one network adapter
* I use VLANs to separate DMZ,WAN,LAN, GUEST an so on. This configuration is working fine.
* My WAN connection: I use a Netgear LTE Modem in router mode. WAN Interface is a static IP4 Address (192.168.5.100) and my default gateway is 192.168.5.1 (Netgear modem). Is this a problem? Should I set the modem to "bridge mode"?

I tried to set the "Filter rule association" to "Pass" but the connection i still not possible.

What can I do to find the failure?

BR, cnu80

PS: Is it better to use several network interfaces instead of a VLAN-trunk?

Pages: [1]