Topics

1

General Discussion / WAN packet loss

« on: September 18, 2020, 01:20:18 pm »

Hi,

When I go to System -> Gateways -> Single I see a packet loss of 0.0% but when I go to Reporting -> Health -> Quality I see a loss of 100-200m.

How should I read those data?

2

General Discussion / Postfix problem

« on: June 07, 2020, 05:09:19 pm »

Have setup Postfix with rspamd, redis and clamav.

When receiving emails from ebay (only so far) I get the email but ebay resend it again many times.

In the log I get this:
postfix/smtpd[82980]: disconnect from mxphxpool2041.ebay.com[66.211.185.204] ehlo=2 starttls=1 mail=1 rcpt=1 data=0/1 commands=5/6

Is it a timeout problem in some of the components or how do I fix it?

3

General Discussion / Rspamd webGUI

« on: June 07, 2020, 09:45:18 am »

Installed rspamd and created NAT rule to access port 11334 from LAN but how do I set the rspamd webgui password?

4

General Discussion / Postfix and Lets Encrypt

« on: June 07, 2020, 08:54:58 am »

I have setup Postfix on opnsense to use Lets Encrypt certificate generated by acme plugin but how do I restart the postfix server when the certificate is renewed?

5

General Discussion / IPSEC backup remote gateway

« on: May 19, 2020, 09:42:49 am »

Is it possible to setup at backup remote gateway in phase1 of an IPSEC tunnel?

6

General Discussion / Dual WAN failover

« on: May 18, 2020, 11:34:07 am »

What will I gain from using a Gateway Group instead of just setting Priority on the single Gateways?
I just need failover.

7

Intrusion Detection and Prevention / Problem with access between LAN and LAN_VLAN with IPS

« on: June 24, 2019, 12:07:13 pm »

When I enable IPS on LAN interface and use "Promiscuous mode" I cannot access my Synology NAS at LAN_VLAN1200 from a PC at LAN.

8

Intrusion Detection and Prevention / [ERRCODE: SC_ERR_PCAP_DISPATCH(20)] - error code -2

« on: June 18, 2019, 02:36:26 pm »

Why do I get this error?

Jun 18 14:35:14   suricata: [100388] <Error> -- [ERRCODE: SC_ERR_PCAP_DISPATCH(20)] - error code -2
Jun 18 14:35:13   suricata: [100121] <Notice> -- Signal Received. Stopping engine.

9

19.1 Legacy Series / Cron job not running

« on: May 28, 2019, 11:32:12 am »

Hi,

I have tried to create a cron job that do "Dynamic DNS update" every 5 minutes.

When I look in the log I see no sign of the job executed.

10

General Discussion / How to setup FreeRadius to bind to Windows AD with LDAP

« on: May 27, 2019, 10:47:39 am »

Hi,

How do I configure FreeRadius plugin to authenticate against Windows Active Directory LDAP server.

I have setup LDAP:

Protocol type: LDAP
Server: IP of the LDAP server
Bind user: empty
Bind password: empty
Base DN: dc=company,DC=local
User Filter: (samaccountname=%{%{Stripped-User-Name}:-%{User-Name}})
Group Filter: (objectClass=posixGroup)

I'm not sure what to put in User Filter and Group Filter.

Can anyone help?

11

19.1 Legacy Series / NAT before IPSEC - Bug??

« on: May 24, 2019, 11:18:54 am »

Hi,

I have tried to setup NAT before IPSEC.

Followed this how to doc:
https://docs.opnsense.org/manual/how-tos/ipsec-s2s-binat.html

Is it not working with 19.1?

I havn't tried with 18.7.

(tested with a pfSense instead of my opnsense box and then it is working)

12

19.1 Legacy Series / BUG: log files views not shown correct after 19.1.8 update

« on: May 21, 2019, 11:41:54 am »

After 19.1.8 update the log files views show the same text in both Date and Message fields.

Modify: It is all the logs, not only IPSEC log.

13

19.1 Legacy Series / IPSEC BINAT problem

« on: May 06, 2019, 05:11:50 pm »

Hi,

I'm trying to replace a pfSense with OPNsense, but I cannot get IPSEC BINAT to work.

At pfSense I have this:
https://www.dropbox.com/s/ppdunpmmqpsgdyy/2019-05-06_1705.png?dl=0

At OPNsense I have setup this:
https://www.dropbox.com/s/soatzy8z50vuzpb/2019-05-06_1708.png?dl=0
https://www.dropbox.com/s/4ab1i9rnz1k2y9k/2019-05-06_1709.png?dl=0
https://www.dropbox.com/s/3ux1wcranpjc0gt/2019-05-06_1710.png?dl=0

When I try to ping 192.168.11.245 from 192.168.17.101 I get no responce with OPNsense.

The OPNsense do not seems to create the manual SPD I have typed.

Anyone that can help?

14

18.7 Legacy Series / OpenVPN tunnel network static range

« on: December 05, 2018, 12:23:37 pm »

With OpenVPN access server there is both a tunnel network for dynamic clients and one for static clients.
How do I add a tunnel network for static clients to a OpenVPN server at OPNsense?

If I add a tunnel network outside server tunnel network with client specific overrides, the trafic is not routed correct.

15

18.7 Legacy Series / Multiple OpenVPN instances

« on: December 04, 2018, 04:07:11 pm »

Hi,

Can I use the same server certificate for multiple OpenVPN instances?