OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of kasper93 »
  • Show Posts »
  • Topics
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Topics - kasper93

Pages: [1]
1
22.1 Legacy Series / Disabling GIF tunnel interface doesn't have an effect
« on: June 16, 2022, 01:46:16 pm »
Hi,

I have HE Tunnel Broker configured (gif tunnel). I noticed two problems.

1. Disabling interface (assigned to gif tunnel) doesn't have an effect, routes are still there and traffic is routed through this interface. (gateway is disabled and not shown, but still works)
2. Re-enabling interface doesn't work correctly. Gateway is still "disabled" and from GUI there is no way to enable it, it never goes up. I need to reboot to get to valid state.

I want the ability to enable/disable interface, because I don't want to use it all the time. But currently I cannot do that apparently.

Thanks,
Kacper

2
22.1 Legacy Series / Firewall logging and the size
« on: April 04, 2022, 05:02:06 pm »
Hi,

All traffic is logged as
Code: [Select]
let out anything from firewall host itself after NAT.

It makes logs huge and after a while, when `/var` is full, I need to restart machine, because opnsense is basically hung at this point. 

It seems quite strange and inconvenient to have all traffic logged and since it is default rule I cannot disable logging for it. I workaround the issue of hanging with limiting logs to 3 days, but still it is a problem to unnecessary log everything without ability to disable the logs without hacks.

Is is really intended default behavior? Maybe it is the VLANs? What are you doing to mitigate this log spam?

Thanks,
Kacper

3
21.1 Legacy Series / WireGuard doesn't work over HE IPv6 Tunnel Broker
« on: July 09, 2021, 08:30:19 pm »
Hi,

I have fairly simple setup, but cannot make WireGuard work over IPv6.

Interfaces:
WAN: My ISP provided IPv4
WANv6: HE IPv6 Tunnel Broker
WG: WireGuard

Now when I use IPv4 endpoint on client peer it works flawlessly. But when I use IPv6 it doesn't work. Handshake packets come through from client as I see peer IPv6 address on opnsense and I see both TX/RX traffic. But on client peer I see only TX, never got any packet back. Looks like WG server responses are lost.

Any idea how to diagnose/resolve this?

Thanks,
Kacper

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2