Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Topics - jl_678

#1
Hi,

I have a question about Netflow that is confusing.  So I have some local machines that were originally configured with DHCP.  The machines in question received IP's dynamic IP's and one of them was .240.  Since that machine contained a webserver, I decided to turn off DHCP and set it to a static IP of .30.  The strange thing is that the DHCP IP address of .240 is still listed in the DHCP server client list and Netflow is showing traffic on that IP.  Yet if I  go to the system in question, it is statically assigned .30 and .240 is nowhere to be found.

This may be normal behavior, but I am confused by it.  Why wouldn't Opnsense attribute traffic originating from .30 as from .30 versus from the unused .240 address?  Also, why does Opnsense show the client as active with .240 when that IP is not actually used?

I appreciate any insights that  anyone can share.

TIA!
#2
17.7 Legacy Series / External traffic analysis tool
November 19, 2017, 04:51:51 PM
Hi,

I like the analytics in Opnsense and am thinking about performing additional traffic analytics.  (Trying to review data usage by LAN client and understand the trends and those clients that might be using more than expected.)

Can anyone recommend an opensource tool that might help with this?  It would need to understand the exported data from Opnsense and ideally allow for more detailed analytics in an easy to use fashion.

Thank you in advance.
#3
Hi,

I love the Network Insight took and the visibility that it gives me into bandwidth usage.  However, I have a couple of questions:

1. The view always to defaults to WAN when I visit the page.  Can I switch it to default to LAN since that is the information that I am most interested in?

2. Everything is listed by IP which is fine, but it is hard to recall which IP is associated with which device.  Is there any way to map a friendly name with these IPs and report on that?  For example, map 10.0.1.14 to "HomePC" and then have Network insight show "HomePC" instead of the IP.

TIA
#4
Update: See last post for the simple solution

Hi,

I just installed Opnsense and things are working well.  However, I have encountered an unexpected issue.  Here is what I am seeing:

I used named-based web-hosting and so my external hostname is both foo.bar.com and foo2.bar.com.  These go to the same server and Apache uses the DNS to send me to the right site and SSL is in use.

If I am on an external network, I can access foo2.bar.com without an issue.  This is through port 443 and https, and I have a rule setup allowing access to an internal server say 10.0.0.20.

The problem occurs if I am on my internal network.  Now, let's say that I want to access the foo2.bar.com SSL site on 10.0.0.20.  The first thing that I try is to go to foo2.bar.com.  However, this does not work.  I think that the problem is due to DNS resolving the public IP and then Opnsense trying to send the GUI which creates an error.  Going to https://10.0.0.20 does not work because it provides the foo.bar.com website and not foo2.bar.com.

I tried changing the GUI to a different port and now the internal requests to foo2.bar.com time out.  What can I do to enable access to foo2.bar.com?

Thank you!
#5
17.7 Legacy Series / Newbie questions
October 19, 2017, 07:28:21 PM
Hi,

I have decided to go down the path of building a homebuilt router and purchased an embedded server with 8GB of RAM, a Celeron 3150U and 128GB SSD.  I have a few questions that I hope knowledgeable folks could answer:

1. I noticed questions about 32bit vs 64bit.  Does this imply that Opnsense will not support anything beyond 4GB of RAM?  I assume that 8GB will not be an issue, but that I will just not use half of it.  Is that correct?

2. I am using this for a home firewall and so want web filtering.  Ideally, I would like to customize filtering so that some devices are strongly filtered and others are not filtered at all.  Is that possible?

3. As a follow-on to #2, I am thinking about Proxy configuration.  I have some IOT devices that don't natively support proxies.  My assumption is that I can set rules to allow certain IPs to bypass the proxy, correct?  Also will we need manual proxy configuration on all clients?

TIA for any thoughts.

JL