Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Topics - Nekromantik

#1
23.7 Legacy Series / Github Issues
January 13, 2024, 10:46:21 PM
Hi all
So since November time I am having a lot of intermittent timeout issues when connecting to github.com or any of its domains.
DNS resolves but then connection times out and I need to try 5 to 8 times to get it to connect.
I tried to rule of Sensu by disabling it and then it works for 1 try and then breaks again so not Sensu.
I am not seeing any firewall drops and no IDS enabled.
To rule out my ISP I went back to ISP router for 24 hours and no issues. Not one timeout.
I am out of ideas. Why is Opnsense not connecting to Github?
#2
Zenarmor (Sensei) / Activity Explorer Blank
January 13, 2024, 12:28:00 PM
Hello
Anyone how to fix the activity explorer interface on opnsesne zenarmor dashboard would always be blank?
#3
23.1 Legacy Series / Speeds Halved
May 30, 2023, 07:44:11 PM
Hello

So since update to version 1.23.7 my speeds keep dropping randomly.
i got 500mb connection but keep getting only 90mb after update.
before speeds never went down. this is for LAN and WIFi devices
If I turn off Zen Armor speeds stay same but if i turn it back on they return to normal.
same thing if I reboot. sometimes they return to normal and other times stay slow.
#4
hi all

so I upgraded to 23.1.7.2 and then .3 and now my Internet speeds have dropped from 500-530 to 90 to 99. This is both on wired and wireless and I have made no changes to Opnsense or my setup since the update. I unplug opnsense and direct LAN speed test goes back to 500 to 530,

just as a test I switched off zen amor and IPS and no difference. something has caused this on new version.

can I roll back to previous version?
#5
General Discussion / WOL Over Different Subnets
January 18, 2023, 04:33:25 PM
Hello

I have 2 LANs in my home one for Wired and one for wireless.
I want to use a client on my wifi device to send WOL packet to a device on the wired network.
Is there any relay or proxy on opnsense that will work for this?

Thanks
#6
Development and Code Review / CrowdSed Plugin
December 15, 2022, 01:59:48 PM
Hello

Does the CrowdSec plugin support the Prometheus endpoint? I cant seem to connect to port 6060 on the FW IP.
#7
Hello
I followed this guide to have selective routing to go via Wirehuard: https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html
However the client I have selected does not work now as it gets SSL cert mismatch error. It looks like its getting the OpnSense SSL cert on every webpage.
Anyone else have this issue?
#8
hi all
I been using Unbound as my network DNS server and upstream to DNS Crypt Proxy.
However I constantly get DNS not resolving on browsers. This does not happen if I use Unbound to upstream to Quad9 instead.

So do most of you guys just use Unbound to upstream to DoT servers with DNSSEC or use DNSCrypt?
#9
Hi all
Is there any guides on setting up a OpenVPN Client on OPNSense with Mullvad and routing 2 clients only through it?
I use Mullvad VPN and gave up on wireguard as it just did not work.

Thanks
#10
General Discussion / GetDNS update
December 15, 2020, 08:52:03 PM
hi all
will GetDNS and Stubby plugin get updated to latest version?
#11
Hi all
So I have a web server that has a NAT to forward traffic to it from WAN.
This works fine.
I then had to add that domain and re direct it to Internal IP in Unbound to stop it breaking when Im on the Internal network.
This stopped working after the last update to OPNSense.
Now I started to get OPNSense cert error when accessing from inside as its trying to hit hit the firewall IP on 443 and getting to the firewall instead of going to web server so the unbound dns over ride has broken.
Any tips?
#12
Hi
I changed to LibreSSL 19.1.9 and now Unbound and Stubby does not work.
No DNS.
Until I change unbound to use Cloudflare or Quad9.

Anyone know fix?
#13
19.7 Legacy Series / 19.7 FreeBSD 12
June 30, 2019, 12:27:14 AM
hi
will 19.7 be freeBSD 12 based?
#14
General Discussion / BruteForceBlocker
January 24, 2019, 11:37:34 PM
Anyone tried this on OPNSense?
https://github.com/dgerzo/bruteforceblocker
Could be useful if it works.
#15
19.1 Legacy Series / update packages breaks opnsense
December 16, 2018, 02:21:04 AM
hi
after installing 19.1 if you do a update package, when its removing suricata it all of a sudden breaks the UI as in a refresh you get a 403 forbidden and even ssh access is gone.
if you reboot it does not boot up correctly and box is broken as you cannot login as opnsense file is missing according to login on the console.
only fix is to start again from usb install.
is this known issue?
#16
18.7 Legacy Series / cannot access web UI anymore
November 06, 2018, 07:07:25 PM
Hi all of a sudden I cannot connect to the web UI of OpnSense.
On both Chrome and Edge I get
"ERR_SSL_VERSION_OR_CIPHER_MISMATCH"
I made no changes  to any opnsense ssl settings.
Running 18.7.6
#17
18.7 Legacy Series / Dynamic DNS Cloudflare Broken
October 29, 2018, 08:01:34 PM
Hi all
Cloudflare DDNS has broken in OPNSense.
Must be a API update as in logs now I see this:

opnsense: /services_dyndns_edit.php: Dynamic DNS: ERROR - Zone ID was not found.
#18
18.7 Legacy Series / firewall live view filter
September 20, 2018, 10:15:58 PM
Hi
There is no documentation on how to filter in the live view.
Is it just "192.168.1.2" for example?

I tried that and it shows nothing.
#19
General Discussion / Adblock
August 27, 2018, 01:43:47 PM
Hi all

Just wondering what method most people are using for ad blocking via Opnsense?
I am trying the DNCrypt-Proxy 2 regex filters but they dont seem to work very well on pop up ads.
Next method I have seen is unbound blacklist.
#20
General Discussion / DNSCrypt Proxy Only Localhost
August 26, 2018, 12:37:16 AM
Hi all
I have DNSCrypt proxy 2 set up and running on 127.0.0.1 port 5353.
On opnsense I can use drill to query DNS on that port and it works.
However when I got Unbound forwarder set to :
forward-zone:
    name: "."
    forward-addr: 127.0.0.1@5353


all my LAN devices cant query DNS anymore.
When I add 8.8.8.8 to the forwarder it works again.

Any suggestions?