OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of inorx »
  • Show Posts »
  • Topics
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Topics - inorx

Pages: [1]
1
German - Deutsch / OpenVPN auf Port 443: Routing Problem mit Reverse Proxy vor Webserver
« on: March 31, 2023, 06:06:19 pm »
Hallo zusammen

ich habe folgendes Setup:

Internet -> OPNSense mit OpenVPN -> Apache Reverse Proxy (SSL Terminierung, 443) -> Apache mit Web Anwendung (http, 80)

Wenn ich aus dem LAN, das sich hinter der OPNSense befindet, via Reverse Proxy 443 auf die Web Anwendung zugreife, geht das problemlos.

Greife ich vom Internet via OpenVPN und den Reverse Proxy auf die Web Anwendung zu, dann ergibt sich ein interessantes Resultat:

(1) OpenVPN Server auf Port 1194 -> funktioniert einwandfrei.
(2) Zweiter OpenVPN Server, gleiche Konfig, aber auf Port 443 -> Der SSL Handshake schlägt fehl. Interessanterweise nur bei den Anwendungen hinter dem Reverse Proxy. IMAP/S, SMTP/S und anderes, das ohne Reverse Proxy ansprechbar ist, funktioniert einwandfrei.

Mein Bauchgefühl sagt mir, dass da zu viele port 443 im Spiel sind und beim NATten etwas schief läuft? Ich habe allerdings keine Ahnung, was.
Sagt euch das Problem etwas, kennt ihr das und die mögliche Ursache und Lösung?

Vielen Dank für eure Hilfe.



2
23.1 Legacy Series / Daily Report by Email?
« on: March 05, 2023, 01:34:52 pm »
Hi all

pfsense provided the option to send (traffic graphs -> RRDTool) reports out by email, i.e. every 24 hours. That was quite helpful to get a quick overview of what was going on.

https://docs.netgate.com/pfsense/en/latest/monitoring/graphs/index.html

Example - a set of such views on different interfaces and over different timespawns could be configuried and then had been sent via email.



I was searching in opnsense for a related feature but did not find it. Only thing i found is the Health Report in the Reporting section of the Web GUI, but no option to send it via email.

I'd like to ask how you guys are solving the automated reporting? Do you have a workaround for this, using other tools? Or ....?


3
Tutorials and FAQs / Is there a guide on how to migrate from pfsense to opnsense?
« on: March 03, 2023, 08:11:04 pm »
Hi all

i'm just about to migrate an old pfsense installation with a rather complex and huge configuration which would be days of work to manually migrate.

I did a quick test with pfsense/export - opnsense/import but it failed (it corrupted the opnsense configuration, leaving the software crashing, so i had to reset it).
Also i found that i.e. for Aliases there seems to be no import option under those "parts of configuration restore" dropdown.

I read it might not be expected that the opnsense conf is compatible with the pfsense conf (correct?) and therefore it's adviced to import part after part. I'm wondering if there is something like a best practise guide on how to do this, i.e. order of parts, how do the conf files have to look lioke (pure xml? no header section? ...)? The latter would be helpful in case the import fails, so so reformating could be done manually in a text editor.

Any hint is very welcome.
Thanks for your support guys.

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2