Messages

1

18.7 Legacy Series / Load-balancing VPN connections

« on: January 27, 2019, 02:58:19 pm »

When I used pfSense I had a setup with two VPN (provider, no connection to a company or something like that) connections in a group so clients would load balance (via a gateway group) between those connections.

Somehow I can't get this to work on OPNsense. The settings are the same as on pfSense but no internet. I think the traffic doesn't go in and out the same interface. Do I miss something?

EDIT after some more trying:
When I keep 'redirect-gateway autolocal;' in both configs and let one connect with TCP and one with UDP so they don't get the same 10.7.7.x it works for a few minutes only.

2

18.7 Legacy Series / Can you import 32b config on 64b system?

« on: January 26, 2019, 04:30:20 pm »

I'm migrating from a 32b OPNsense system to a 64b system and importing seems to work with some hiccups.

Is this even possible if the versions match but the bitset doesn't?

3

General Discussion / How long will i386 be supported?

« on: October 25, 2018, 01:46:32 pm »

i386 will eventualy have to go and I wonder if there are any plans to stop supporting i386 in the (near future)?

4

18.7 Legacy Series / Intrustion Detection and Transparant proxy doesn't work

« on: October 13, 2018, 05:44:19 pm »

I have a transparant web proxy with my own cert installed on the devices and Suricata monitoring it but it only blocks http-traffic, not SSL somehow.

Is this even possible? A MITM attack: Suricata sniffing the web proxy?

5

18.1 Legacy Series / Re: [solved] Transparent Proxy and WLAN on Android: No Internet

« on: October 13, 2018, 04:43:47 pm »

I did al this but it's still not working for me.

6

18.1 Legacy Series / Re: Weird problem private VPN

« on: August 16, 2018, 09:31:25 pm »

Is there a solution for this problem in 18.7 perhaps?

7

18.7 Legacy Series / Re: 18.7: password not acepted any more after update

« on: August 01, 2018, 07:57:12 pm »

Ah, same here. TOTP was activated for VPN users.

8

18.7 Legacy Series / Re: 18.7: password not acepted any more after update

« on: August 01, 2018, 09:43:33 am »

Aha, like so. Thanks, I'm back in.

9

18.7 Legacy Series / Re: 18.7: password not acepted any more after update

« on: August 01, 2018, 08:55:42 am »

Is that documented yet? I don't know how exactly.

10

18.7 Legacy Series / Re: 18.7: password not acepted any more after update

« on: August 01, 2018, 08:39:23 am »

Same problem, and I can't login as root on the console. I guess I'm locked out.

11

18.1 Legacy Series / Re: OpenVPN keeps reconnecting every hour

« on: July 20, 2018, 05:55:57 pm »

Thanks for all the fast responses!

The problem is gone... In addition I've used Traffic Shaper to set the max soeed a bit lower and the CPU doesn't go to 100% (and stalling the device) anymore.

12

18.1 Legacy Series / Re: OpenVPN keeps reconnecting every hour

« on: July 19, 2018, 12:25:35 pm »

Do you have a local AV scanner active? Trendmicro? Kaspersky?

None. But the connection is steady now for longer than one hour after 2 reboots. I guess I'll have to wait and see for now.

13

18.1 Legacy Series / Re: OpenVPN keeps reconnecting every hour

« on: July 19, 2018, 11:51:17 am »

This happens every hour

Code: [Select]

Jul 19 11:16:34 openvpn[73285]: Control Channel: TLSv1.2, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Jul 19 11:16:34 openvpn[73285]: Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Jul 19 11:16:34 openvpn[73285]: Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Jul 19 11:16:34 openvpn[73285]: VERIFY OK: depth=0, CN=nl307.nordvpn.com
Jul 19 11:16:34 openvpn[73285]: VERIFY EKU OK
Jul 19 11:16:34 openvpn[73285]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Jul 19 11:16:34 openvpn[73285]: Validating certificate extended key usage
Jul 19 11:16:34 openvpn[73285]: VERIFY KU OK
Jul 19 11:16:34 openvpn[73285]: VERIFY OK: depth=1, C=PA, O=NordVPN, CN=NordVPN CA2
Jul 19 11:16:34 openvpn[73285]: VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA
Jul 19 11:16:34 openvpn[73285]: TLS: tls_process: killed expiring key

14

18.1 Legacy Series / Re: OpenVPN keeps reconnecting every hour

« on: July 19, 2018, 10:08:24 am »

Stupid of me but I didn't save those. You see the connection renegotiating and the internet connection drops for a few seconds. When this happens, it's takes longer and the connection closes and it's trying to reconnect but slowly.

I'll immediately save the log when it happens again. But I do notice this now:
Jul 19 09:16:45   openvpn[73285]: MANAGEMENT: TCP send error: Broken pipe
Strange...

It a connection with a VPN provider by the way, not my own site-to-site.

15

18.1 Legacy Series / Re: OpenVPN keeps reconnecting every hour

« on: July 19, 2018, 09:22:21 am »

Correct. And the problem isn't the internet connection. But sometimes it's completely frozen and I discovered something weird, A LOT of packets in and out: