OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of ryp43 »
  • Show Posts »
  • Topics
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Topics - ryp43

Pages: [1]
1
23.7 Legacy Series / double "block all targeting port 0" Automatically generated rules on the WAN
« on: November 09, 2023, 07:41:10 am »
Hi!

I have noticed that there is a double "block all targeting port 0" Automatically generated rules on the WAN interface - OPNsense 23.7.7_3-amd64

   IPv4+6 TCP/UDP   *   *   *   *   *   *   *   block all targeting port 0   
     IPv4+6 TCP/UDP   *   *   *   *   *   *   *   block all targeting port 0

Might be a bug?

2
22.7 Legacy Series / Block private networks - blocks 100.75.* network
« on: December 09, 2022, 10:44:14 am »
Hi!

My OPNsense is blocking connections from address 100.75.* with labeling "block private networks from WAN"  while "Block private networks" is checked under the WAN interface.

though help for this option states: "When set, this option blocks traffic from IP addresses that are reserved for private networks as per RFC 1918 (10/8, 172.16/12, 192.168/16) as well as loopback addresses (127/8) and Carrier-grade NAT addresses (100.64/10). This option should only be set for WAN interfaces that use the public IP address space."

I will appreciate any help.

Thanks in advance

3
22.7 Legacy Series / While creating Shaper rules, is selecting the WAN interface enough?
« on: October 29, 2022, 10:50:52 am »
Hi!

While creating Shaper rules, is selecting the WAN interface enough, or shall I also choose WG0 (Wireguard) as Interface 2? I want to share all outgoing traffic.

Thanks in advance!

4
22.1 Legacy Series / [SOLVED] after changing ISP no incoming IPv4 connections - IPV6 works fine
« on: May 05, 2022, 08:50:05 pm »
Hi friends!

I had the following working IPv4/IPv6 OPNsense setup: VDSL2 router configured as bridge -> PPPoE -> OPNsense

Two days ago I moved to a new ISP, got credentials, set them under the WAN interface, and thought that everything is fine. All clients have an internet connection with both protocols... until I noticed that there are zero incoming IPv4 connections. Tried to connect to my network from outside with an IPv4 public address and it failed with no evident logging under Firewall-> Live View (I have all possible logs enabled under System->Settings->Logging).

Connecting with the IPv6 public address works fine.

Did some investigating and I see only a single thing that changed: with the new ISP, my IP address is 100.88.xx.xx/32  while with the previous ISP it was equal to the public IP.

I have tried disabling “Block private networks” and “Block bogon networks”, but still don’t see anything.

Will appreciate any help!

Thanks in advance

5
22.1 Legacy Series / incorrect MTU upon WAN(pppoe) interface reload from INTERFACES: OVERVIEW
« on: May 05, 2022, 07:49:53 pm »
Hi All!

I have set MTU on the WAN interface to 1460 (Calculated PPP MTU: 1452).

Upon router reboot the MTU has the correct value:

sudo ifconfig
pppoe0: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> metric 0 mtu 1452
        description: WAN

But if I initiate "reload" from INTERFACES: OVERVIEW the MTU resets to 1460

sudo ifconfig
pppoe0: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> metric 0 mtu 1460

Can it be a defect?

Thanks in advance!

6
22.1 Legacy Series / is wireguard-kmod supported under Opnsense 22.1?
« on: February 15, 2022, 11:53:26 am »
Hi!

I have upgraded to Opnsense 22.1.

Shall I install wireguard-kmod? I was using it before the upgrade.

Thanks in advance

7
21.7 Legacy Series / Unbound with DoT fails to verify certificates with clock drift
« on: December 25, 2021, 11:58:54 am »
Hi!

Due to a power outage, my router rebooted and its clock was set 3 months back.

Upon start-up, the Opnsense got connected but NTP failed to sync the clock due to large drift and as a result, Unbound with DoT failed to verify certificates.

Only by setting the time manually, I was able to fix both services.

It's not a robust behavior for the router. Is there a way to configure forced clock sync?

Thanks in advance

8
21.7 Legacy Series / How to use setting under Unbound:"Verfiy if CN in certficate matches"
« on: August 06, 2021, 06:34:25 pm »
Would like to know what shall be entered under the setting under Unbound: "Verfiy if CN in certficate matches" for Cloudflare DNS?

Also, the setting is terribly misspelled.

9
21.1 Legacy Series / trying to add a rule or queue in the shaper opens an editing dialog (21.1.4)
« on: April 02, 2021, 11:03:25 am »
After upgrading to OPNsense 21.1.4 and trying to add a rule or queue in the shaper opens an editing dialog.

Is there any workarrond?

Thanks in advance.

10
21.1 Legacy Series / Editing a particular entry at System->Settings->Tunables opens different one
« on: February 13, 2021, 12:04:58 pm »
Editing a particular entry at System->Settings->Tunables opens a different one 

Example clicking on "net.inet6.ip6.redirect" opens "net.inet.tcp.log_debug"

11
21.1 Legacy Series / After upgrade to 21.1.1 Web UI is not working on Safari@iPhone, works on Chrome
« on: February 11, 2021, 11:12:34 am »
After upgrade to 21.1.1 Web UI is not working on Safari@iPhone, works on Chrome

On Safari getting 400 Bad Request.

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2