Topics

1

24.1 Legacy Series / Godaddy Dynamic DNS

« on: October 13, 2024, 12:52:29 am »

Trying to configure dynamic dns with a godaddy domain, and getting "Customer identified by login and password options denied permission" as an error is the closest I've been able to get.

Username is the API Key, password is the secret key.  I do have "lock" enabled for the domain... but I don't see anything in the godaddy documentation that explains what that means... do I need to unlock it in order to be able to update the IP address automatically via the opnsense plugin?  I suspect there may be something on the godaddy side of things that's misconfigured, but I haven't been able to find anything useful to tell me what that may be.

Please let me know what I"m doing wrong.

Thanks.

2

24.7 Production Series / OpenVPN not matching common name?

« on: September 27, 2024, 04:56:13 pm »

Trying to set up a VPN server via the new instances method, but I cannot get it to match common names.  If I turn on strict matching, I simply cannot connect.  If I have strict matching turned off, I can connect, but the connection shows up as UNDEFINED under the client name, and client specific overrides are not applied.

I created a new user name (tethys), crated certificates (tethys was entered as the common name), and am logging in with the user name tethys.

No idea what to troubleshoot... everything seems like it should be set up properly.  The same config works fine under legacy.

3

23.7 Legacy Series / Convert to zfs? download 23.7 still?

« on: September 21, 2024, 01:42:28 am »

I am currently using ufs for the root file system of my install, but would like to migrate to zfs in order to take advantage of snapshots.  Probably the best way to do this would be to reinstall 23.7, restore config from backup, take snapshot, then update to the current release.  Is there still a download available for the last release of 23.7?  I have an older version of install media saved somewhere, but it is not the last release... I feel like installing an older version and then restoring from my newer backup could possible cause issues, and would like to do this process with the current version that I am running now.

Thoughts? feelings? recommendations? download links?

Thanks!

I have a headache at the moment, so pardon this probably poorly written post... needless to say, this is not something I am looking to take on right at this moment. Perhaps a project for tomorrow or later this weekend.

4

24.1 Legacy Series / Port 80 not being redirected (help setting up reverse proxy for immich server)

« on: April 06, 2024, 06:09:36 pm »

One thing to note, I am on the LAN at the moment.

However, I have installed nginx proxy manager on a LAN server (192.188.0.2) and have forwarded ports 80 and 443 via NAT.  But, if I go to subdomain.domain, rather than this traffic being forwarded to the proxy server and then further redirected to the appropriate server & port (192.188.0.2:2283) I am prompted to log into the router. 

How do I get the results I am looking for?

EDIT: Just had a buddy test and it is not working properly from outside the LAN either.



EDIT2:  Let's just cut to the chase here... can someone tell me how to get reverse proxy working so that I can access my immich server?  That's what I'm trying to do. 

5

24.1 Legacy Series / completely locked out

« on: March 03, 2024, 08:37:23 pm »

Disabled the anti lock out rule for a dumb reason and am now completely locked out. Cannot even get a login prompt with a display an keyboard directly connected. What do?

6

23.1 Legacy Series / Trouble figuring out traffic shaping: prioritize all traffic to specific IP

« on: August 14, 2023, 01:35:26 am »

I feel like this should be a fairly simple task, but I am having a hell of a time figuring out how to do it.  Quite simply, I want to prioritize all traffic to and from 192.188.0.8 above all other traffic on the network, regardless of protocol or ports.  I want this to be as close to real time routing as possible.  On a consumer router I would have just selected the device as higher priority in the QoS settings, but opnsense is clearly more powerful and granular... however, it's to the point where I have no idea how to use it.  The documentation hasn't been too much assistance either.  I don't really want to limit bandwidth to other clients... just want to have traffic to this one client weighted higher than others. 

The client is a network streamer for my stereo, and I've tried messing with pipes and queues but I'm still experiencing dropouts in streaming audio.  Never had dropouts with my old TP-Link router, and if a cheapo consumer router can do it, surely an enterprise grade system (enterprise software, at least) should be able to handle it without issue. 

Thanks & please excuse my absolutely n00b question.

Traffic works in 2 basic ways... either streaming files stored on 192.188.0.2 via UPNP or streaming music via WAN from Qobuz (online music streaming service).  I get dropouts from both, and there's plenty of bandwidth on my local network that this should never be an issue, which is why I'm convinced it's an issue of prioritizing packets.

7

23.1 Legacy Series / Domains cannot be whitelisted with Unbound

« on: August 05, 2023, 02:31:50 am »

If a domain is contained within a configured blocklist, then it does not appear that there is anyway to whitelist it.  This is despite Unbound clearly being designed to have this functionality... there's a whitelist button right there in the Unbound reporting tab.  I have tried restarting Unbound and it is configured to flush DNS cache on restart.  This functionality appears to be broken.

8

General Discussion / Multiple LAN & Fail Over... unable to stop second LAN from using 5G bandwidth

« on: June 19, 2023, 01:00:25 am »

I have 2 LANs set up, one for my normal internet traffic and one for my torrent server.  My setup includes two gateways, one my primary broadband connection and one 5G connection.  I have these grouped together so that if the broadband connection goes down, the 5G modem picks up the traffic, and that works as expected.  However, no matter what rules I try, I cannot get the second LAN to not switch over to the 5G gateway.  If broadband goes down, I want the second LAN to lose connection, rather than funneling all that traffic over 5G. 

How can I do this?  I cannot seem to figure out a rule that achieves this.  I've tried rules on the torrent lan to block traffic going to the 5g net.  I've tried rules on the torrent lan to block the 5g gateway.  I've tried rules that explicitly select the broadband gateway.  None of this stops this second lan from failing over to 5G. 

Any suggestions?  I'm out of ideas as this point and have given up for the time being.

9

Virtual private networks / Cannot connect to VNC server over openvpn

« on: June 12, 2023, 08:45:00 pm »

As the title says, I am having trouble connecting to a VNC server on my VPN (10.1.11.2) from my iPad client, also connected to the vpn.  I can connect to the VNC server if the iPad is on the same LAN, but if I use the VPN IP address to connect I cannot. 

I do have inter client communication enabled.  Do I need to set up some other firewall rule? 

Thanks.

EDIT: Just got home and tried connecting from my laptop, and it works, both from my LAN and tethered to my phone & connected to my VPN.  So that's fun... must be something to do with the iPad (of course it "just works" on Linux)