OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of scrensen »
  • Show Posts »
  • Topics
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Topics - scrensen

Pages: [1]
1
Zenarmor (Sensei) / Error during update
« on: June 21, 2022, 08:47:48 am »
I'm getting errors on attempting to update the repo's:

Updating SunnyValley repository catalogue...
pkg: https://updates.sunnyvalley.io/opnsense/FreeBSD:13:amd64/22.1/OpenSSL/latest/meta.txz: Internal Server Error
repository SunnyValley has no meta file, using default settings
pkg: https://updates.sunnyvalley.io/opnsense/FreeBSD:13:amd64/22.1/OpenSSL/latest/packagesite.pkg: Internal Server Error
pkg: https://updates.sunnyvalley.io/opnsense/FreeBSD:13:amd64/22.1/OpenSSL/latest/packagesite.txz: Internal Server Error
Unable to update repository SunnyValley
Error updating repositories!

The 'cloud node' status for both Europe and Europe2 is intermittently on and off as well, I guess related.

Anyone else experiencing the same?

2
21.7 Legacy Series / 21.7.3 OpenVPN - tls-crypt not working?
« on: September 23, 2021, 12:23:11 pm »
Hi all,

I just upgraded to 21.7.3 and I see it has tls-crypt support for OpenVPN.

So I headed over to my server config looking to enable tls-crypt and found an option under 'TLS Authentication' called 'enabled - authentication & encryption', which seemed the right option (Although not sure if this was there in a previous version or not).

So I select this option and press 'Save' and go back into the settings. And there I see that the option jumped back to 'Enabled - authentication only', which was the initial value.

Can't find anything in the logs that point in the right direction. Anyone any idea?

3
Intrusion Detection and Prevention / PHP error when applying policy
« on: May 11, 2021, 02:38:42 pm »
Hi all,

I've created a policy and when tying to save it I get a PHP error. See screenshots attached.

I haven't done anything fancy, if even possible here. Just selected a few rules and the actions and that's about it.

Anyone here an idea of what the cause could be and how to solve it?

Thanks in advance!

P.s. Running OPNsense 21.1.5

4
Dutch - Nederlands / Hulp gevraagd bij VLAN config
« on: January 06, 2021, 04:27:58 pm »
Hoi,

Even een vraag over wat de logische setup zou zijn in mijn geval.

Ik heb een hardware appliance gekocht voor opnsense bij osnet.eu. Dit apparaat heeft 6 ethernetpoorten, en is als volgt aangesloten:

igb0 --> modem
igb1 --> switch1
igb2 --> switch2
igb3-5 --> nog niet in gebruik

Ik wil 2 netwerken 'serveren', waarvan 1 voor mijn reguliere apparaten (phones, tablets, laptops) en 1 voor wat IoT devices. Dus 2 gescheiden subnetten/VLANs, bijvoorbeeld VLAN10/192.168.10.1/24 (regulier) en VLAN20/192.168.20.1/24 (IoT).

Ik heb de VLAN's reeds geconfigureerd op de switches en wifi accesspoints (allen van ubiquity en redelijk makkelijk te configureren/managen)

Ik heb aan mijn LAN kant:
2x switch
2x wireless AP

Switch 1:
Port1: Uplink naar router port igb1
Port 2: wifi AP1 (met SSID 'regulier' gelinkt aan VLAN10 en SSID 'iot' gelinkt aan VLAN20)
Port 3-6: 4 apparaten die ik bedraad wil aansluiten (in het reguliere netwerk aka VLAN10)

Switch 2:
Port1: Uplink naar router port igb2
Port2: wifi AP2 (met SSID 'regulier' gelinkt aan VLAN10)
Port 3-7: 5 apparaten die ik bedraad wil aansluiten (NAS, rPI's etc. Mix van VLAN10 en VLAN20)

Op wifi AP1 kunnen dus pakketten met VLAN10 en/of VLAN20 worden ge-tagged die vervolgens via port2 en port1 van switch1 naar mijn opnsense router gaan en daar binnen komen op port igb1.

Hoe kan ik mijn opnsense router nu het beste configureren (qua interfaces/assignments en VLANs), om ervoor te zorgen dat bijvoorbeeld mijn telefoon en tablet een IP adres krijgen uit hetzelfde subnet (VLAN10) en mijn IoT apparaten uit een ander subnet, gelinkt aan VLAN20. Wat allemaal binnenkomt op 1 poort nl. igb1

Ik twijfel over bijvoorbeeld hoe ik op mijn opnsense router beide VLANs moet aanmaken en aan welke (parent) interface ik die moet toewijzen. Een VLAN kan maar aan 1 parent interface, dus ik dacht aan VLAN10 aan igb1 en VLAN20 aan igb2. Maar op igb1 krijg ik dus pakketjes binnen voor beide VLAN's. Dus hoe werkt dat dan voor VLAN20?

Hopelijk iemand hier die me van advies kan voorzien. Bedankt alvast!

5
General Discussion / opnsense box with unifi AP setup
« on: February 09, 2018, 10:32:29 pm »
Hi all,

I have a question. I would like to know if my setup is correct.

Reason for asking is because I recently changed a few things, but now I have intermittent connectivity issues when connected via wifi. And I didn't have these issues before the changes. And now I can't find the cause.

I bought a appliance with opnsense pre-installed. It has 6 Gb ports.

What I want is a LAN (containing both wired as well as wireless connected devices), a VLAN for IoT devices and a VLAN for Wifi guests.

My setup is as follows:

Cablemodem (bridge modus)
            |
OPNSENSE appliance
            |
Several devices

Port2 on my opnsense box acts as the WAN port and receives a public IP (DHCP) from my provider.

On ports 3-6 I have several devices connected, like a NAS, DTV device etc. On port 1 I have a Unifi wifi AP connected.

Now I have created a bridge interface, containing interfaces 1,3,4,5 and 6 for the LAN. That bridge has a fixed private IP and I have DCHP server setup on this interface.

Because I want to have 3 separate wifi networks, I have created 2 VLAN's with parent interface port 1 (to which the unifi is connected). Both VLAN's have a fixed private IP and DHCP servers are setup.

On the unifi I have 3 wifi networks; wifi, wifi-iot tagged with VLAN1 and wifi-guest is tagged with VLAN2.

I think this should work, but as said I'm experiencing intermittent connectivity issues on wifi.

If there is someone that could just think with me here and maybe has some remarks then that would be highly appreciated !

Thanks in advance

Sven

6
18.1 Legacy Series / FW log - Live View - incorrect logging compared to rule config
« on: February 05, 2018, 12:16:33 pm »
Hi all,

Just upgraded (Currently running OPNsense 18.1.1-amd64) and I see something weird in the new log Live View.

Attached 3 files, fw_rules.png, fw_log.png and fw_log2.png

In fw_log.png you will see:
Blocked on interface VLAN99, source 192.168.x.20 to destination 192.168.1y.y port 8880 rule description 'Allow guestnet to guestportal'

In fw_rules you see the second rule says:
Allow from source VLAN99 net to destination 192.168.1y.y port 8880 rule description 'Allow guestnet to guestportal'

So in logging it seems traffic is blocked by a rule that actually allows the traffic.

Am I missing something here ?

And to make it more strange, when I change the logging page to show 5000 lines and look for the lines in fw_log.png, I see again something strange, see fw_log2.png

Any idea?

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2