"
Sorry I wasn't very clear before. I meant do you have plans for people who have an Opnsense for home use (like me). I'd love to subscribe to the service but 25$ a month is a bit steep. I don't mind a reduced feature set (a lesser retention time for the logs perhaps 3 days for live and a month for archive).
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
#1
General Discussion / Re: Netify Network Intelligence on OPNsense - Now Available
February 14, 2020, 12:01:21 AM #2
General Discussion / Re: Please Make a Donation to OPNsense
February 13, 2020, 04:39:27 AM
A little something from my side. Has been rock stable for me for a year plus.
#3
General Discussion / Re: Netify Network Intelligence on OPNsense - Now Available
February 13, 2020, 04:35:12 AM
The UI looks slick and nice. Gives me the right kind of reports at a glance. Congratulations on a well thought of and made product.
Any change you can offer a Home subscription (with reduced features?). At 25$ a month it may be beyond the reach of the home users .
Any change you can offer a Home subscription (with reduced features?). At 25$ a month it may be beyond the reach of the home users .
#4
19.1 Legacy Series / Re: Port Forward to LAN Bridge
June 18, 2019, 04:26:47 PM
Well, I found the answer. The bridge was working fine. Apparently the system in question was a osx machine and I recently installed the macserver app on it. For some reason the app was blocking the packets. All good now :)
#5
19.1 Legacy Series / Re: Port Forward to LAN Bridge
June 17, 2019, 02:28:18 PM
Sorry if the title is confusing.
I had it setup minus the bridge and the port forward worked perfectly ( thanks to the awesome documentation here).
The bridge is breaking it. I had set it up using this guide https://wiki.opnsense.org/manual/how-tos/lan_bridge.html
The bridge is working correctly, I get dhcp to the devices, the devices can talk to each other on layer 2 even when they are connected to two different physical ports.
So I'm missing something, perhaps a filter??
Thanks for the help
I had it setup minus the bridge and the port forward worked perfectly ( thanks to the awesome documentation here).
The bridge is breaking it. I had set it up using this guide https://wiki.opnsense.org/manual/how-tos/lan_bridge.html
The bridge is working correctly, I get dhcp to the devices, the devices can talk to each other on layer 2 even when they are connected to two different physical ports.
So I'm missing something, perhaps a filter??
Thanks for the help
#6
19.1 Legacy Series / [Solved] Port Forward to LAN Bridge
June 17, 2019, 10:02:56 AM
Hi
Can anyone help me understand why this is not working ?
I looked at the live logs and can see the packet from WAN hit the NAT rule and is allowed. I can also see the packet that the firewall sends to the bridge group after the NAT rule.[/img]
The packet disappears after this - I don't see it on the machine. Verified the machine has no firewall.
The following parameters are set as below
net.link.bridge.pfil_member is set to 0
net.link.bridge.pfil_bridge is set to 1
P.S - I am running this on a baremetal box (no VMware)
Can anyone help me understand why this is not working ?
- I have a firewall in L3 mode terminating my ISP connection.
- I have configured 2 ports on the LAN side which are bridged into a single LAN (192.168.1.0/24) - Lets call them LAN1 and LAN2 ports.
- On the firewall I have setup a port forward from my external IP:Port to internal IP:Port - Added the NAT rule/corresponding firewall rule.
- When I try to access a machine on LAN2 port from LAN 1 port --> it works
- When I try to access a machine on LAN2 port from WAN port --> doesn't work .
I looked at the live logs and can see the packet from WAN hit the NAT rule and is allowed. I can also see the packet that the firewall sends to the bridge group after the NAT rule.[/img]
The packet disappears after this - I don't see it on the machine. Verified the machine has no firewall.
The following parameters are set as below
net.link.bridge.pfil_member is set to 0
net.link.bridge.pfil_bridge is set to 1
P.S - I am running this on a baremetal box (no VMware)
#7
General Discussion / Re: OPNsense on Cisco Meraki??
March 24, 2019, 02:36:26 PMQuote from: theCiscoGeek on March 22, 2019, 06:03:22 AM
I'm just going to leave this here for now ;D
Details of the installation ?
#8
19.1 Legacy Series / Re: [FEATURE REQUEST] - Keep the lobby traffic graphs persistent
January 27, 2019, 06:20:07 AM
+1 please - If time permits, that feature would be awesome to have !
#9
18.7 Legacy Series / Re: How to enable restricted traffic between local networks?
January 22, 2019, 02:45:15 PM
This is pretty much a standard configuration. You can safely enable this by
Firewall: Rules: LAN
Source LAN Net; Destination Any ; Action Allow
Firewall: Rules: GUEST_LAN
Source GUEST_LAN net; Destination !LAN Net: Action Allow
Firewall: Rules: LAN
Source LAN Net; Destination Any ; Action Allow
Firewall: Rules: GUEST_LAN
Source GUEST_LAN net; Destination !LAN Net: Action Allow
#11
18.7 Legacy Series / Re: Loss of LAN
October 03, 2018, 10:01:07 AM
Try a elimination based approach to troubleshooting
What version is the FW?
Do you have IPS turned on ?
Can your LAN devices ping the local gateway on the firewall during the outage ?
Can you access the firewall UI from LAN during the outage ?
Isolate a DNS issue by pinging an internet IP instead of a domain
Firewall, Log, Live View >> What do you see when you have the outage.
Do you have any other packages installed like Sensei
What version is the FW?
Do you have IPS turned on ?
Can your LAN devices ping the local gateway on the firewall during the outage ?
Can you access the firewall UI from LAN during the outage ?
Isolate a DNS issue by pinging an internet IP instead of a domain
Firewall, Log, Live View >> What do you see when you have the outage.
Do you have any other packages installed like Sensei
#12
18.7 Legacy Series / Re: fwd: VLAN for IOT
September 25, 2018, 03:50:41 AM
You cannot make a rule based on a UNC name - although you can create an alias based on a FQDN. Firewall: Aliases: View
Rule number 2 will block IOT LAN from aceessing your LAN. It does not give IOT access to internet.
To do so you can have a rule 3 which says allow access from any to any/inet.
Rule number 2 will block IOT LAN from aceessing your LAN. It does not give IOT access to internet.
To do so you can have a rule 3 which says allow access from any to any/inet.
#13
Web Proxy Filtering and Caching / Re: Squid Trasparent proxy problem
September 21, 2018, 04:53:05 PM
Did you manage to read this ? - https://wiki.opnsense.org/manual/how-tos/proxytransparent.html
I set mine up last week and was a pretty straight forward process. If you did follow the guide then paste your firewall screenshots here.
I set mine up last week and was a pretty straight forward process. If you did follow the guide then paste your firewall screenshots here.
#14
Web Proxy Filtering and Caching / Re: after activating SSL proxy, nothing happening.
September 21, 2018, 04:50:17 PM
I don't think you can force the OpenVPN traffic through the proxy. I have the http proxy turned on in transparent mode. When I connect to my home through SSLVPN i cant seem to register the http traffic on proxy logs. I had the the same configurations as you and it wouldn't register the http traffic. I looked around a bit and i thought i saw someone mention that its not supported (I didn't read up much on it to be honest or gave it another go - happy to be proved wrong).
#15
18.7 Legacy Series / Re: All Memoy used
September 21, 2018, 08:01:22 AM
I can confirm the same that the swap is not getting used in the dashboard. No crashes for me. I upgraded about 12 hours ago to 18.7.3.
Mem util - 15%
CPU below 5%
128 GB SSD; 8 GB RAM, 8 GB SWAP.
root@OPNsense:~ # swapinfo
Device 1K-blocks Used Avail Capacity
/dev/gpt/swapfs 8388608 0 8388608 0%
root@OPNsense:~ # cat /etc/fstab
# Device Mountpoint FStype Options Dump Pass#
/dev/gpt/rootfs / ufs rw 1 1
/dev/gpt/swapfs none swap sw 0 0
root@OPNsense:~ #
Mem util - 15%
CPU below 5%
128 GB SSD; 8 GB RAM, 8 GB SWAP.
root@OPNsense:~ # swapinfo
Device 1K-blocks Used Avail Capacity
/dev/gpt/swapfs 8388608 0 8388608 0%
root@OPNsense:~ # cat /etc/fstab
# Device Mountpoint FStype Options Dump Pass#
/dev/gpt/rootfs / ufs rw 1 1
/dev/gpt/swapfs none swap sw 0 0
root@OPNsense:~ #
