Topics - kasper93

#1
Hi,

I have HE Tunnel Broker configured (gif tunnel). I noticed two problems.

1. Disabling the interface (assigned to the gif tunnel) doesn't have an effect; routes are still there and traffic is routed through this interface. (The gateway is disabled and not shown, but still works.)
2. Re-enabling the interface doesn't work correctly. The gateway is still "disabled" and from the GUI there is no way to enable it; it never goes up. I need to reboot to get to a valid state.

I want the ability to enable/disable the interface, because I don't want to use it all the time. But currently I cannot do that, apparently.

Thanks,
Kacper
#2
22.1 Legacy Series / Firewall logging and the size
April 04, 2022, 05:02:06 PM
Hi,

All traffic is logged as "let out anything from firewall host itself" after NAT.

It makes the logs huge, and after a while, when `/var` is full, I need to restart the machine, because OPNsense is basically hung at this point.

It seems quite strange and inconvenient to have all traffic logged, and since it is a default rule I cannot disable logging for it. I work around the hanging issue by limiting logs to 3 days, but it is still a problem to unnecessarily log everything without the ability to disable the logs without hacks.

Is it really the intended default behavior? Maybe it is the VLANs? What are you doing to mitigate this log spam?

Thanks,
Kacper
#3
Hi,

I have a fairly simple setup, but cannot make WireGuard work over IPv6.

Interfaces:
WAN: My ISP provided IPv4
WANv6: HE IPv6 Tunnel Broker
WG: WireGuard

Now when I use the IPv4 endpoint on the client peer it works flawlessly. But when I use IPv6 it doesn't work. Handshake packets come through from the client, as I see the peer IPv6 address on OPNsense and I see both TX/RX traffic. But on the client peer I see only TX; it never gets any packet back. Looks like the WG server responses are lost.

Any idea how to diagnose/resolve this?

Thanks,
Kacper