Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Topics - chuckygang

#1
General Discussion / New user and certificates
August 20, 2024, 03:20:37 PM
Since one update made this summer I have a annoying change.

When adding a user and a certificate. it now does not use my CA instead it does a self-signed certificate.
making adding users that should use OpenVPN get wrong certificate adding alot of extra work.

how to make my CA as the default CA instead of Self-signed.
(CA is in the opensense config.. but will be wrong authority)
#2
High availability / Link-net with CARP and HA
September 12, 2023, 01:40:29 PM
Well new here.  Guess this is asked but cannot find it.

I have a /25 net that is delivered to me via a "LINK Net" on 2 connections.  so I have 2 machines setup like:

port1 to ISP with IP z.z.z.2 witth carp to z.z.z.1, port 2 to our WAN switch with ip x.x.x.2 and carp to x.x.x.1

(and a 2nd opnsense with port1 to ISP with IP z.z.z.z.3 with carp to z.z.z.1 and port 2 to our WAN switch with IP x.x.x.3 and carp to x.x.x.1

so this linknet is a small /29 just to handle the link..

thing is.. I seems not to be able to pass any traffic EXCEPT pings to my WAN net.
if I check firewall logs I see the default deny rule triggers on my traffic. but even if setting rules on all ports to allow all it is refused.

so what more do I need to do to allow traffic to pass though.. NOT NATed between those 2 ethernet ports?

Any good tutorial to handle this?


SO YES.  there are public IPs on both sides.
(if possible to have a 3rd network with NAT for managment it would be a plus)