Topics

1

19.1 Legacy Series / [Solved] Alias Group Problem

« on: April 17, 2019, 02:58:58 pm »

OPNsense ver: 19.1.6

I can't add more then 4 exist alias to new alias (alias group). The file /var/db/aliastables/IP_Serwery_ALL.txt shows only content of first 4 alias ip.

 /var/db/aliastables/IP_Serwery_ALL.txt
192.168.1.10 -> Serwer_IPXE
192.168.0.11 -> Serwer_Nagios
192.168.0.12 -> Serwer_NAS
192.168.0.13 -> Serwer_AV

Should be :

 /var/db/aliastables/IP_Serwery_ALL.txt
192.168.1.10 -> Serwer_IPXE
192.168.0.11 -> Serwer_Nagios
192.168.0.12 -> Serwer_NAS
192.168.0.13 -> Serwer_AV
192.168.0.14 -> Serwer_AD


Also After click Apply button this kind of alias not update.
Update only when I remove  /var/db/aliastables/IP_Serwery_ALL.md5.txt or change md5 sum

2

18.7 Legacy Series / Miising alias description

« on: August 02, 2018, 07:47:56 am »

After upgrade to 18.7 alias description/detail is missing (in attach).
But in configuration backup exist.

Code: [Select]

    <alias>
      <name>FQDN_CRL</name>
      <type>host</type>
      <descr>Adresy List CRL ocsp</descr>
      <address>crl.certum.pl ovcasha2.ocsp-certum.com tg.symcd.com tg.symcb.com gj.symcb.com gj.symcd.com repository.certum.pl crl2.alphassl.com ocsp2.globalsign.com crl3.digicert.com crl4.digicert.com ocsp.digicert.com cacerts.digicert.com</address>
      <detail>CRL Certum||OCSP Certum||OCSP Thawte||CRL Thawte||CRL GeoTrust||OCSP Geotrust||CERT Info Certum||CRL GlobalSign||OCSP GlobalSign||CRL DigiCert||CRL DigiCert||OCSP Digicert||Wystawca Digicert</detail>
    </alias>

This is Bug ?
This field was very helpfull to identify specific entry.

3

18.1 Legacy Series / dnsmasq vs unbound dns

« on: April 10, 2018, 08:41:45 am »

Probably a stupid question. But what is the difference between dnsmasq and  Unbound DNS ?

4

18.1 Legacy Series / Openvpn config localization [SOLVED]

« on: February 25, 2018, 07:08:51 pm »

Where is openvpn config file (in shell).
In /usr/local..?
Thank you for answer.

I found:
/var/etc/openvpn/server1.conf

5

18.1 Legacy Series / Sorting aliases [Solved]

« on: February 09, 2018, 11:04:14 am »

1. Is any way to sort entries in alisess.
For example. I created host alias (attach screen).
I want add entry 192.168.0.12. Entry appeard on last position, but I want on second.
Is any way to add entry on second position from shell may be?

2. Also I have question. In faq  https://docs.opnsense.org/manual/aliases.html
I can create lists in lists.
    critical_servers {10.0.1.1 , 10.0.1.2}
    other_servers {10.0.1.100 , 10.0.1.200}
Then concatenate both by defining a new list:
    servers { critical_servers , other_servers}.

But I can't do that or I don't now how. I created two alias host list.
Next Firewall -> Aliasses -> View -> Add new aliase. I choose Host and in host field paste critical_servers and other_servers. And I can't save.
Error appeard:

The following input errors were detected:
    Entry "IP_Admin_Stacje0_INT " is not a valid hostname or IP address.
    Entry "IP_Admin_Stacje50_INT " is not a valid hostname or IP address.
    The name must be less than 32 characters long and may only consist of the following characters: a-z, A-Z, 0-9, _

I think there must be anather way to create list in list but i dont now how.

6

18.1 Legacy Series / Multi Wan- switching GW

« on: February 07, 2018, 01:00:01 pm »

I have configured multi wan from this tutorial.
https://docs.opnsense.org/manual/how-tos/multiwan.html
Option failover

When wan1 is down I don't have internet on station (unless I turn on Firewall->Settings-Advanced->Allow default gateway switching) But this option is  deprecated.



My secenerio:
WAN - pppoe (default gw)
WAN2 - Static address

Routing Table (WAN pppoe UP)

Code: [Select]

ipv4 default 10.10.10.1 UGS 96 1492 pppoe0 wan
ipv4 10.3.4.0/29 link#9 U 107831 1500 em0_vlan100 WAN2
ipv4 10.3.4.3 link#9 UHS 0 16384 lo0
ipv4 10.10.10.1 link#14 UH 351 1492 pppoe0 wan
ipv4 10.10.10.5 link#14 UHS 0 16384 lo0
ipv4 127.0.0.1 link#6 UH 16436 16384 lo0
ipv4 172.25.100.0/26 link#10 U 0 1500 em0_vlan10 MGM_ZONE
ipv4 172.25.100.1 link#10 UHS 22 16384 lo0
ipv4 172.25.101.0/26 link#11 U 24 1500 em0_vlan11 SRVALL_ZONE



Routing Table (WAN pppoe DOWN,WAN2 UP)

Code: [Select]

ipv4 10.3.4.0/29 link#9 U 107995 1500 em0_vlan100 WAN2
ipv4 10.3.4.3 link#9 UHS 0 16384 lo0
ipv4 127.0.0.1 link#6 UH 16524 16384 lo0
ipv4 172.25.100.0/26 link#10 U 0 1500 em0_vlan10 MGM_ZONE
ipv4 172.25.100.1 link#10 UHS 22 16384 lo0
ipv4 172.25.101.0/26 link#11 U 24 1500 em0_vlan11 SRVALL_ZONE
ipv4 172.25.101.1 link#11 UHS 0 16384 lo0
ipv4 172.30.0.0/24 192.168.0.247 UGS 0 1500 em0 lan
ipv4 192.168.0.0/24 link#1 U 490384 1500 em0 lan
ipv4 192.168.0.1 link#1 UHS 11496 16384 lo0

Tables show routes when option Firewall-Settings-Advanced-Allow default gateway switching is disable.

Thank you for the advice