OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of gogolathome »
  • Show Posts »
  • Topics
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Topics - gogolathome

Pages: [1]
1
Virtual private networks / Wireguard, ipv6, dynamic delegated prefix and possible solution
« on: November 12, 2022, 09:52:12 pm »
If the delegated prefix changes then you have to change the static Wireguard addresses when you want ipv6 through the tunnel.
The approach from the OPNsense guide is to give an ULA address to peer and client, but then test at https://test-ipv6.com/ say that my browsers prefer an ipv4 connection.
Then I thought about giving random GUA addresses outside my delegated prefix to peer and client and make use of the outbound NAT.
This works well and the above test says 10/10 for ipv6.
Are there any gurus that say that this is bad practice and that there will be problems that I overlooked?

2
21.7 Legacy Series / Is routing with 2 stacked OPNsense routers broken?
« on: December 29, 2021, 09:02:26 pm »
I have router A connected to my dual stacked bridged cable modem.
Router B is connected to Hyper-V and is behind router A. Connected to router B is a virtual Ubuntu linux host.

Internet -- Router A -- Router B -- Linux host

I configured everything to my best knowledge and every machine is dual stacked with IPv4 and IPv6. I get a /56 prefix from my ISP and delegated a /62 to router B. This just a test setup.

Now here comes the problem, there is no IPv6 connection possible:

Ping6 to 2a00:1450:400e:80e::200e from Linux host behind router B give no reply. I see packets leaving on router B WAN interface and coming in on Router A LAN interface. But they don't leave Router A WAN!

Ping6 to 2a00:1450:400e:80e::200e from Router B leave WAN interface from router A and get a reply, but they don't leave LAN interface from Router A to WAN interface from Router B. End result is no reply.

It seems that packets get lost on Router A and I am breaking my head why.
The routing table on Router A seems ok, but I have read an old topic about some problems with downstream routers: https://forum.opnsense.org/index.php?topic=7719.0

3
20.1 Legacy Series / dnscrypt-proxy standalone "bind: permission denied" for port 53
« on: February 05, 2020, 08:53:06 pm »
I am trying to use dnscrypt-proxy as standalone with cloaking rules.
When I disable unbound and enter listen addresses of my interfaces and standard listen port 53 in dnscrypt-proxy I get this message: "[FATAL] listen udp :53: bind: permission denied"

Because it is a privileged port dnscrypt-proxy has a problem binding to it as it is not running with root privileges. How can I solve this without opening access for <1024 ports for non-root users?

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2