Topics - Suraki

1
24.1 Legacy Series / Route Add via Webgui - Opnsense 24.4.1
« on: June 24, 2024, 02:24:43 pm »
Hello everyone,

Are there any known problems with the Business version 24.4.1?

I can't select a gateway for a new route. There is only the GW Null4.

Best Regards

2
Virtual private networks / IPSEC NAT VPN
« on: November 29, 2023, 01:04:49 pm »
Hello everyone,

I have the following VPN to configure, how might that work with OpnSense? I've gone through all the instructions on the Internet but can't find a solution.

"By enforcing this policy we avoid the probability of conflicting addresses between trading partners and our own private addressing scheme. To conform with this policy you must configure NAT on your VPN device and hide the private addresses behind public registered addresses. Enter the NAT address, not the private address."

Anyone have an idea how to realize this?

Best regards

3
German - Deutsch / Question to understand the Phase2 Time status.
« on: February 06, 2023, 08:58:52 am »
Hello everyone,

for an established IPSec tunnel, the status shows Time.

What might this mean, and is it seconds, minutes or hours?

Best regards

4
German - Deutsch / IKEv2 tunnel with Cisco
« on: January 31, 2023, 01:50:24 pm »
I have the following phenomenon with an IKEv2 tunnel to a Cisco.

Two IPs in phase 2; when I then ping one IP, no more traffic goes to the other.

Roughly like this:

10.10.1.1/32 to 192.168.1.1
10.10.1.2/32 to 192.168.1.2

Ping from 192.168.1.1 to 10.10.1.1 works, but then the ping from 192.168.1.2 to 10.10.1.2 no longer does.

Only after the tunnel is re-established does the ping from 192.168.1.2 to 10.10.1.2 work again, until traffic goes over 192.168.1.1; then only 192.168.1.1 works.

It seems like a kind of failover, but with VPN?

Has anyone here had this problem before?

5
Virtual private networks / Kind of Failover?
« on: January 31, 2023, 01:48:41 pm »
Hi All,

I have the following phenomenon with an IKEv2 tunnel to a Cisco.

Two IPs in phase 2, then when I ping one IP, no traffic goes to the other.

Something like this:

10.10.1.1/32 to 192.168.1.1
10.10.1.2/32 to 192.168.1.2

Ping from 192.168.1.1 to 10.10.1.1 works, but then the ping from 192.168.1.2 to 10.10.1.2 does not.

Only after recreating the tunnel does the ping from 192.168.1.2 to 10.10.1.2 work again, until traffic goes through 192.168.1.1; then only 192.168.1.1 works.

Seems like some kind of failover, but with VPN?

Has anyone here had this problem?


6
Virtual private networks / IPSec Mobile to IPSec S2S
« on: September 27, 2022, 10:58:33 am »
Hello all,

I have the following problem/question.

I have IPsec for mobile users and also an IPsec site-to-site VPN.

Everything works fine, but now when I want to access the remote IPsec network from the mobile client, it doesn't work. At the remote site (a Lancom router) the packet doesn't arrive. The OPNsense says packet transmitted (IPsec internal host to host).

What could be missing here, or where could the error be?

I am grateful for any advice.

7
Zenarmor (Sensei) / Can't connect to MongoDB
« on: August 19, 2022, 10:18:35 am »
Hello All,

I have the following problem when testing Zenarmor on an OPNsense firewall.

Somehow I can't connect to the local database.

Here are a few log extracts.

service mongod status
mongod is running as pid 74804.

 netstat -an | grep 27017
tcp4       0    326 127.0.0.1.1329         127.0.0.1.27017        FIN_WAIT_1
tcp4       0    348 127.0.0.1.1328         127.0.0.1.27017        ESTABLISHED
tcp4       0      0 127.0.0.1.27017        .                    LISTEN
fffff80004c4da00 stream      0      0 fffff801a9e275b8                0                0                0 /tmp/mongodb-27017.sock

[socket timeout calling hello on 'localhost:27017']OPNsense\Sensei\SenseiMongoDB::executeQuery::Exception::No suitable servers found (`serverSelectionTryOnce` set): [socket timeout calling hello on 'localhost:27017'][2022-08-19T09:41:02+02:00][INFO] [45553][D:19.37] https://health.sunnyvalley.io/client_report.php could sended.

mongo --host localhost
MongoDB shell version v4.0.28
connecting to: mongodb://localhost:27017/?gssapiServiceName=mongodb
2022-08-19T10:12:22.781+0200 I NETWORK  [js] DBClientConnection failed to receive message from localhost:27017 - HostUnreachable: Connection reset by peer
2022-08-19T10:12:22.782+0200 E QUERY    [js] Error: network error while attempting to run command 'isMaster' on host 'localhost:27017'  :
connect@src/mongo/shell/mongo.js:356:17
@(connect):2:6
__cxa_thread_call_dtors: dtr 0x802f4e230 from unloaded dso, skipping
exception: connect failed

In the live logs of the firewall nothing is rejected on port 27017.

Zenarmor listens to the LAN interface, but the WebGUI is bound to a VLAN on the same.

Anyone have an idea where I could look for the problem?

I despair... ;-)
