Topics

1

Web Proxy Filtering and Caching / Create ACL like the classic way using opnsense gui

« on: June 08, 2020, 03:38:16 am »

Hi all,

I am setting up a opnsense firewall with squid and LDAP(MS AD) auth. No need to be transparent.

I set a remote blacklist and now I want to use AD users and groups to tell who can and can't use that site. I can't find how on the webui, all I found was this thread:

Code: [Select]

https://forum.opnsense.org/index.php?topic=16171.0.

Is there any other way to solve this? Cause if not I will start editing my custom extra configs to send there. As I need to be user and group (from AD) aware, I assume it must be on post-auth dir.

Thanks,

none

2

16.1 Legacy Series / Multiwan issue

« on: June 13, 2016, 08:35:08 pm »

Hi,

I have the last stable opnsense and I can see an annoying issue: sometimes I have connectivity from my local net, but the opnsense box has no default gw. As a coincidence, everytime this happens, I can't reach my box from any of the internet links. I followed the opnsense wan guide, and from time to time I get this.

Its just me? Is this known?

thanks,

3

16.1 Legacy Series / Dual wan and dns problem

« on: May 12, 2016, 05:59:34 am »

Hail,

I tried some old version (15.x) and now I run 16.1 and have the same problem:

two WAN (A and B), and once I set a rule on LAN so my desktop machine will use the B (not the default) wan, DNS stops working for the desktop machine.

I get to see the dns query on the B link:

Code: [Select]

00:50:05.548848 IP 1x.x.x.x.17803 > 10.1.1.81.53: 26623+ A? openbsd.org. (29)
00:50:06.548621 IP 1x.x.x.x.17803 > 10.1.1.81.53: 26623+ A? openbsd.org. (29)
00:50:07.548685 IP 1x.x.x.x.17803 > 10.1.1.81.53: 26623+ A? openbsd.org. (29)

it never gets the answer, as the query is not fulfilled.

I tried the dns forwarder and the resolver. not gone far yet.

is this only me?

I saw the talk on https://forum.opnsense.org/index.php?topic=433.0, tried those settings but no good also.

thanks,

none

4

15.7 Legacy Series / Dual Wan and DNS

« on: August 16, 2015, 07:48:50 pm »

Hi,

I got 15.7.8 nano running and I get this DNS problem:

I have two wan dhcp ISP's, and two machines are on wan2, all other machines are on wan1. So I have a rule on firewall to change the router (route-to) for an alias that holds my two machines.

The issue is, on these two machines I can't get dns to work. I tried to disable dns forwarder, use just dnsresolver, no deal. If I use, manually, the 8.8.8.8 address, the machine is fine on surfing.

So I added a rule to pass dns traffic before the route-to one, so it is back to normal. Whats the issue to use wan2 to send dns packets ?

Is this supposed to be like this ?

thanks,

5

15.7 Legacy Series / WAN DHCP issue and one package

« on: August 10, 2015, 07:47:05 pm »

hail,

I have a soekris 5501-70 running:

OPNsense 15.7-i386
FreeBSD 10.1-RELEASE-p14
LibreSSL 2.2.0

This box has two cable wan, and there is the point. I get once a day a lost connection. Even though all looks fine, I can't ping from the main wan. I have to go on interfaces UI and click on "release" e "renew". This happened today once, and tomorrow too.

Has anyone seen this ?

I have a strangely high load of, at least, 1.00. Does this have any to do ?

I come from the project that is sibling to this, I don't know if there is any problem on saying it (so I don't), and I want to give this a try. So far, a bit slow on the 5501-70, but still testing.

About the packages, how can I test or run them ?

All I need so far is the vnstat package. I found some links to git, but I can't find how to install them. The pkg add on CLI won't find vnstat

thanks for the project, its a great project !

none