Messages

1

Hardware and Performance / Re: J1900 is it suitable ?

« on: April 26, 2021, 07:06:10 pm »

I've used one until the VPN speed was unbearable. I tunnel all outgoing traffic over 5x load balanced tunnel but the box could not handle it. Now i added a dedicated 4x NIC (3x LACP to switch, 1x WAN) and virtualized OPNsense on my Poweredge T630.

Also bought a second hand 1u server (to much pain when i need to google something when the T630 is down), planning to slap in a 10GB qlogic nic for LAN and use the onboard 1GB for WAN.
Bought a cheap i5 (with AES-ni) off of ebay, testing out the performance in the next weeks.

2

Hardware and Performance / Mellanox SN2010 as hardware for OPNsense

« on: April 26, 2021, 07:00:33 pm »

Hello!

I've stumbled upon a used Mellanox device that has just a plain linux OS running on it. Would anyone know if OPNsense could run on it? https://blog.mellanox.com/2017/11/mellanox-sn2010-the-best-hyperconverged-infrastructure-switch/

it has 18 10G/25G sfp+ ports and 4x 40G/100G uplink sfp+ and 2x mnmt 1GB ports. Would this even make (opn)sense to reflash this?

Thanks

3

20.1 Legacy Series / Re: Upgrade to 20.7 fails with repo's not found

« on: September 05, 2020, 11:52:57 am »

Nope, its indeed a missing repo.
I assume i cant go back to freebsd11 right? not sure what the mainstream is i guess 11 seeing your reply.
So other then backing up the config and reinstalling, is there a way to solve this without down time?

4

20.7 Legacy Series / How to route opnsense WAN traffic over specific gateway

« on: August 03, 2020, 06:22:57 pm »

Hello!

How would i go about routing the internet traffic for OPNsense itself over one of my VPN client gateways? Where would i add these firewall rule since my firewall has 10 VLANs i know how to setup internet traffic for clients in those vlans, just not on what interface or floating rules i have to add to route my opnsense (updates, NS lookups) traffic over a secure tunnel

Please advise, thanks.

Ezra

5

20.1 Legacy Series / Upgrade to 20.7 fails with repo's not found

« on: August 03, 2020, 06:19:45 pm »

Hello all!

Im on 20.1 and when trying to update in the UI i get:

Code: [Select]

Firmware status check was aborted internally. Please try again.
When using the console opnsense-update or pkg update i get:

Code: [Select]

# pkg update
Updating OPNsense repository catalogue...
pkg: https://pkg.opnsense.org/FreeBSD:12:amd64/20.1/latest/meta.txz: Not Found
repository OPNsense has no meta file, using default settings
pkg: https://pkg.opnsense.org/FreeBSD:12:amd64/20.1/latest/packagesite.txz: Not Found
Unable to update repository OPNsense
Error updating repositories!
I've tried nearly every mirror, no go so far...

Please advise, thanks!

Ezra

6

General Discussion / Re: [SOLVED] Chromecast between diffrent subnet?

« on: November 10, 2019, 02:58:06 pm »

Aah, i have 7 networks selected, let me try to disable the ones i dont really need. Thanks for the heads up.

edit: still cant find the chromecast device on either 4 of the selected vlans. 5th is the vlan the chromecast is on.
Any direction you can point me to troubleshoot this?

7

General Discussion / Re: [SOLVED] Chromecast between diffrent subnet?

« on: November 09, 2019, 10:16:40 pm »

Hey!

So i have the mDNS repeater setup and selected all my vlans, but it does not work, any starting point to trouble shoot this?

8

General Discussion / Re: [SOLVED] DNS Rebind Protection

« on: April 18, 2019, 05:17:56 pm »

What server did you specify as exlude? I'm fighting this for over a year already.
Thanks

9

General Discussion / IGMP Proxy Chromecast, I'm lost

« on: March 09, 2019, 10:50:46 pm »

Hey guys,

I want to be able to use my chromecasts (and home automation server) auto discovery and use it like everything is on 1 subnet. which it isnt of course.

I have multiple vlans containing clients that need access to my chromecast vlan.

Now reading up on IGMP Proxy, it only confuses me more.

Like: what to set as upstream? I dont think this needs to be WAN? I just want to use this locally, what subnets need to be in the upstream, only the chromecast vlan?

And what to set as downstream: vlans that need access to it?

Also can this be used for Wake On Lan accross subnets?

Thanks

edit: also have Mdns enabled on all vlans

10

18.7 Legacy Series / Re: Gateway Group with Multiple OVPN clients and port forwarding.

« on: February 04, 2019, 10:56:53 am »

Hve you tried using sticky connections?

Do you have some stats on the single thread? I hve 3 clients vonnected with a loadbalance gw group. But some pages time out might be due to some mtu issue?!

11

18.1 Legacy Series / Re: How to change what type of notifications are sent

« on: April 10, 2018, 09:35:05 pm »

Anyone?

12

18.1 Legacy Series / How to change what type of notifications are sent

« on: March 30, 2018, 06:54:10 pm »

Hello!

I'd like to adjust what notifications are sent via SMTP. Now all gateway down notifications spam my inbox because of 5x VPN gateway, can i adjust this?

Kind regards,

Ezra

13

17.7 Legacy Series / Re: Monit for OpenVPN clients

« on: March 26, 2018, 05:52:24 pm »

Sorry for the long wait. Only started this last week. In my case i have 5x client using nl.privateinternetaccess.com as hostname.
Which can all have a different IP:

Code: [Select]

nl.privateinternetaccess.com has address 46.166.190.130
nl.privateinternetaccess.com has address 46.166.186.244
nl.privateinternetaccess.com has address 46.166.190.197
nl.privateinternetaccess.com has address 46.166.188.212
nl.privateinternetaccess.com has address 109.201.154.141
nl.privateinternetaccess.com has address 46.166.190.220
nl.privateinternetaccess.com has address 46.166.186.236
nl.privateinternetaccess.com has address 46.166.188.213
nl.privateinternetaccess.com has address 46.166.137.234
nl.privateinternetaccess.com has address 46.166.188.226
nl.privateinternetaccess.com has address 109.201.154.151
nl.privateinternetaccess.com has address 46.166.137.240
nl.privateinternetaccess.com has address 46.166.138.135
How to proceed in this case, any ideas?
Thanks again for the write up.

Ezra

14

18.1 Legacy Series / DNS over specific gateway with VPN clients

« on: March 11, 2018, 08:05:16 am »

Hello,

I have 5x VPN Tunnel, where i want to route all my traffic over.

I use the Unbound DNS server and selected all my VPN gateways to route it over.

Now when my VPN tunnels are down they can't resolv anymore.

I've added a floating rule: pass -> tcp/udp -> out -> DNS -> dest (alias for vpn addresses) -> WAN gateway
Then a floating to block all outgoing DNS over WAN gateway just to be sure.

This just does not work as expected. Any idea how to solve this?

Thanks,

Ezra

15

17.7 Legacy Series / Re: WOL to another subnet

« on: January 26, 2018, 09:05:37 pm »

Darn thats just to bad. I now have a snippit on my Android device to SSH to OPNsense, WOL the machine... Guess I'll be using that. Thanks for your time!