Topics - erickufrin

#1
I am having a weird problem with multi WAN for which I cannot figure out the solution. I have gone to the extent of a wipe and reload of my fw software and starting the config 1-by-1, only to still have the problem. Now asking for help.

When I put the LAN fw rule for outbound traffic into load balance group where both WANs are in same Tier1 - I experience intermittent traffic failures.

I have multi wan setup per the guide.

WAN1 = cable modem w/ dhcp public IP
WAN2 = opnsense is NAT IP behind DSL "router" which has public IP

After several days I finally made some discovery after looking into the WAN2 DSL router logs - it is denying traffic for reason of packets "invalid src IP address" of WAN1.

Traffic shouldn't be coming in an interface that it did not originate from, correct...??

When I have either WAN configured as Tier1 and the other as Tier2, I have zero issues like this.

Only when they are both at the same Tier does it occur. Please help.
#2
DNS queries to my override domain/server have been failing consistently (sporadic) since the last update, which included unbound 1.7.1.

It appears there is a newer version (1.7.2) now of unbound. Maybe that fixes this??

Here is a chart showing the DNS queries failing ever since the last opnsense update.

(red lines are where it's failing)

In my efforts to overcome this I have turned TTL for Host cache entries from 15min to 1min. That helps a little I think but does not solve the problem.

Please help!
#3
General Discussion / Syslog over TLS
April 19, 2018, 01:48:06 PM
Is it possible to configure TLS for syslog? Is anything special needed beyond just defining the TLS port number for my syslog target? I want to secure that traffic.