Messages

1

Tutorials and FAQs / Re: Help on my first setting - no internet

« on: August 29, 2019, 08:30:54 pm »

I found the problem!

I changed the modem.
Now it isn't set in bridge mode, but I don't know if this is the the reason for the malfunction of opnsense.
I have to investigate.

Luca

2

19.7 Legacy Series / detailed rule info - link not working

« on: August 27, 2019, 05:20:52 pm »

In firewall/Log Files/ListView click on info icon at the end of each record
I get a windows with the detailed rule info

At the row "rid" there is a link, sometimes  the link not work:

description of rule:
default deny rule  -> https://192.168.1.1/firewall_rule_lookup.php?rid=02f4bab031b57d1e30553ce08e0ec131
pass loopback      -> https://192.168.1.1/firewall_rule_lookup.php?rid=59162224cde3be673a9b295d6e24dcea
let out anything from firewall host itself   ->   https://192.168.1.1/firewall_rule_lookup.php?rid=fae559338f65e11c53669fc3642c93c2

in general when the interface is lo0
Where can I find this rules?
Luca

3

Tutorials and FAQs / Re: Help on my first setting - no internet

« on: August 26, 2019, 09:39:22 am »

If I stay on firewall and try to ping (Interfaces/Diagnostics/ping)

ping default and WAN to 8.8.8.8: 0% packet loss
ping LAN to 8.8.8.8: 100% packet loss

ping default, LAN and WAN to 192.168.1.100: 0% packet loss

Isn't this a strange behavior?

I expect the opposite behavior: ping WAN to host blocked and ping host to WAN allowed

Luca

4

Tutorials and FAQs / Re: Help on my first setting - no internet

« on: August 24, 2019, 09:31:13 pm »

Do you actually have a DNS server installed and/or specified on the LAN?

Yes,
from host settings I read:

IP: 192.168.1.100
gateway: 192.168.1.1
DNS: 192.168.1.1

OPNsense is DHCP server and DNS server for LAN

On Services/Unbound DNS I read: "If Unbound is enabled, the DHCP service (if enabled) will automatically serve the LAN IP address as a DNS server to DHCP clients so they will use Unbound resolver. If forwarding is enabled, Unbound will use the DNS servers entered in System: General setup or those obtained via DHCP or PPP on WAN if the "Allow DNS server list to be overridden by DHCP/PPP on WAN" is checked."

Unbound DNS is enabled
DHCPv4 is enabled
Enable forwarding mode checked

If you can ping by IP address and not by domain name it would indicate that you have a DNS problem

I can ping by IP address only from WEBGUI of OPNsense to internet and on LAN from host to gateway

luca

5

Tutorials and FAQs / [solved] Help on my first setting - no internet

« on: August 24, 2019, 05:09:09 pm »

Hi all!
I ask you to help me in my first setting of OPNsense because I've been trying for two days without success.

The network is very simple:

internet -- modem -- (79.41.107.165)firewall(192.168.1.1) -- (192.168.1.100)host

computer host 192.168.1.100 DHCP IP from OPNsense (192.168.1.1 gateway and DNS)

firewall OPNsense on NF692 Intel celeron J3455 with:
 - WAN interface 79.41.107.165 DHCP IP from ISP
 - LAN interface 192.168.1.1 static (network 192.168.1.0/24)

The LAN interface on firewall has:
-Block private networks unchecked
-Block bogon networks unchecked
-DHCPv4 service enabled
-unbound DNS service enabled
-DNSSEC support unchecked
-DNS Query forwarding enabled

The WAN interface on firewall has:
-Block private networks checked
-Block bogon networks checked

The rules are attached, all permitted in LAN and WAN interfaces

I can't connect to https://opnsense.org/ or other website from my browser

If I try ping from interfaces/diagnostics
Ping from default:

Code: [Select]

# /sbin/ping -c '3' '8.8.8.8'
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.153 ms
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.118 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.142 ms

--- 8.8.8.8 ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.118/0.138/0.153/0.015 ms
Ping from LAN:

Code: [Select]

# /sbin/ping -S '192.168.1.1' -c '3' '8.8.8.8'
PING 8.8.8.8 (8.8.8.8) from 192.168.1.1: 56 data bytes

--- 8.8.8.8 ping statistics ---
3 packets transmitted, 0 packets received, 100.0% packet loss
Ping from WAN:

Code: [Select]

# /sbin/ping -S '79.41.107.165' -c '3' '8.8.8.8'
PING 8.8.8.8 (8.8.8.8) from 79.41.107.165: 56 data bytes
64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.156 ms
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.129 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.121 ms

--- 8.8.8.8 ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.121/0.135/0.156/0.015 ms
Ping to 8.8.8.8 from host LAN (192.168.1.100)

Code: [Select]

l@l-schenker:~$ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
^C
--- 8.8.8.8 ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 70ms
Ping www.google.com from default, LAN, WAN, host in LAN:

Code: [Select]

ping: cannot resolve www.google.com: Host name lookup failure
ping the host (192.168.1.100) from default, LAN, WAN is OK!

I'm sure i forgot something, but what? Can you help my?

thanks
Luca