Topics - Hill003

#1
Hi, I've set up a FreeRADIUS server in the LAN. With radiusd -X the reply message was OK for users, like "Accept"; however, the popup page still shows authentication failed.

Also, the postauth table shows accept as well, and there is nothing in the session page of the GUI.
#2
General Discussion / LAN THROUGH IPSEC VPN
April 06, 2019, 02:21:28 AM
Hi,

I have two OPNsense firewalls, and they are directly connected. FW2 is connected to the Internet. I expected that the LAN on FW1 could access the Internet through an IPSEC link between FW1 and FW2. Here's what I've done:

1. establish the IPSEC between FW1 and FW2;
2. raise a default route 0.0.0.0/0 from FW2 to FW1 in IPSEC;
3. add LAN from FW1 to the NAT rules on FW2;

And it worked fine. I could use the PC under FW1 to access the internet without any problem!

But here's the problem: I can't access FW1 using the PC under FW1. When I captured packets on FW2, I found all the packets from the PC to FW1 are routed to FW2! Could anyone help me get this to work? Any hints would be great, many thanks!

PC:192.168.0.10/24
FW1 LAN:192.168.0.1/24
FW1 WAN:192.168.40.10/24
FW2 LAN:192.168.40.1/24
FW2 WAN:10.1.2.3/22
#3
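Chinese - 中文 / IPsec VPN routing problem
April 06, 2019, 02:08:49 AM
Hi everyone, I've run into some problems and need help from the experts.

I have set up two firewalls, FW1 and FW2.

FW1 LAN:192.168.0.0/24
FW1 WAN: 192.168.40.0/24
FW2 LAN:192.168.40.0/24
FW2 WAN: 10.2.3.4

The requirement is for FW1's LAN to connect to FW2 through the IPSEC VPN and to access the Internet through FW2;
Currently the VPN can be established, and Internet access through FW2 also works;
but none of the hosts in FW1's LAN can communicate directly with their gateway;
A packet capture on FW2 shows that all traffic goes to FW2, including the traffic between the LAN and the gateway on FW1;
Is there any way to keep the traffic between the LAN hosts on FW1 and the gateway inside the internal network, without going through IPSEC?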
#4
Hi. I just recently set up a website on eth1 of the OPNsense, and I also activated captive portal and RADIUS accounting on eth2 for the guest users. How can I make RADIUS account only for the traffic from the guests to the WAN, without the traffic to eth1?

Cheers
#5
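Chinese - 中文 / A question about radius
November 21, 2018, 01:50:45 PM
Hi everyone, I'm new here. My question is this:
I deployed a website on the eth0 interface of opnsense and enabled captive portal and radius accounting on the eth1 port. How can I make radius or opnsense not account for traffic coming from the eth1 port to the website on the eth0 port, and only account for traffic going to the wan?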