Topics

Have anyone tried the "new" OpenVPN Windows client with combined password and OTP prompt?

Saw this in OpenVPN client setting: "Prompt for OTP and combine with password"

When using OpenVPN instance with DCO I get this in log:

dco_update_peer_stat: invalid peer ID 1 returned by kernel

Looks like at bug if I search internet.

Would it be possible to use aliases to define local and remote subnets in IPSEC connections setup?

How do I configure IPSEC in the new connections with remote endpoint as hostname and Identities as IP addresses?

In the old config I just put hostname in Remote Endpoint and setup PSK and setup Identities to My IP and Remote IP.

How do I configure that in the new IPSEC PSK setup?

Hi,

After updating to 23.7.7 I can no longer choose aes128gcm16-aesxcbc-modp2048 in new IPSEC Connections Proposals.

When using the new IPSEC "connections" Automatically generated rules for IPSEC is no longer created.

Why do I have to setup the IPSEC local and remote IDs 2 times in 23.7?

In both "Pre-shared Keys" menu and in Authentication section of Connection setup.

In 23.7 the enable IPSEC is still in Tunnel Settings [legacy]. If disabled in legacy the new "Connections" does not start.

After some of the 22.7 updates I get:

debug.pfftpproxy   Disable the pf ftp proxy handler.   unsupported   unknown   

warning: ignoring missing default tunable request: debug.pfftpproxy

Should I just delete debug.pfftpproxy or is it a bug in os-ftp-proxy plugin?

ipsec: remove hashes and algorithms no longer supported by FreeBSD 13

Does this mean that 3des, sha1 and md5 is no longer supported in IPSEC tunnels?

When I use Captive Portal and hit "sign in" the page does not reload at Android.
At Ipad I get blank page with the text Success instead of a page with "logout"
Can this be fixed?

How do I define redirurl from the GUI (like Pfsense have)

From default template:

Code Select Expand


                       // redirect on successful login
                        if (data['clientState'] == 'AUTHORIZED') {
                            if (getURLparams()['redirurl'] != undefined) {
                                window.location = 'http://'+getURLparams()['redirurl']+'?refresh';
                            } else {
                                window.location.reload();


Hi,

can I use configuration export from a OPNsense NANO install and import it on a new full install OPNsense without having nano specific configurations at the new install?

I need to create a firewall rules that gives access to IP's which ends at e.g. .64

Using another firewall provider we could do this by using wildcard netmasks as this 0.0.0.64/0.0.0.252

Can this be done some how with OPNsense?


We need to do the same as this other Cisco example:
Match all 192.168.x.1 addresses:
permit 192.168.0.1 0.0.255.0

Just installed Wireguard.

I have Firewall -> Rules -> Wireguard (had to edit another rule and hit save for Wireguard to show up)

Some guides say that I have to assign wg0 to a new interface - In which use cases would I need to assign the wg0 interface?

Have anyone tried opnsense at Innovision hardware?

So far I have used Qotom hardware for years without problems but they do not provide rack mount systems.

Found this one and would like to know if anyone have trid it:
https://a.aliexpress.com/_mPGe1Ll

Hi,

I have had a few new sites where I need to set MSS=1400 om LAN interface to get traffic through IPSEC tunnels.
Is that a "normal" problem?

If i look in the FreeRadius log "Services: FreeRADIUS: Log File" all usernames/passwords I have tested using System/Access/Tester is listed in clear text.

Is there any GUI changes related to NAT over IPSEC or should I still use Manual SPD setting i phase 2?

Hi,

When I go to System -> Gateways -> Single I see a packet loss of 0.0% but when I go to Reporting -> Health -> Quality I see a loss of 100-200m.

How should I read those data?

[data=0/1 commands=5/6]

Have setup Postfix with rspamd, redis and clamav.

When receiving emails from ebay (only so far) I get the email but ebay resend it again many times.

In the log I get this:
postfix/smtpd[82980]: disconnect from mxphxpool2041.ebay.com[66.211.185.204] ehlo=2 starttls=1 mail=1 rcpt=1 data=0/1 commands=5/6

Is it a timeout problem in some of the components or how do I fix it?