Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - dev4openid

Pages: [1] 2

General Discussion / Re: Connect my NVR device to noip endpoint

« on: September 21, 2024, 07:01:18 pm »

@dseven I have followed the guide explicitly.

The VPN tunnel connects from the internet. I have connected via my iPhone and the VPN states connected.

As stated: Add the Outbound NAT Rule (Required if Not Creating WireGuard Interface) - I have the Wireguard Interface defined, thus ignored this section of doc.

The section you referred to re: With these two rules, you will have access to your home’s Internet while connected remotely but no other access to your internal network(s). If you simply want a secure VPN for public WiFi hotspots, you do not need to add more rules.
I have implemented these exactly as per the doc, BUT my browser does not pick up the internet and times out.

Any ideas here?

General Discussion / Re: Connect my NVR device to noip endpoint

« on: September 21, 2024, 04:16:06 pm »

@dseven
Thanks for the reply.
I have been following this guide: https://homenetworkguy.com/how-to/configure-wireguard-opnsense/
and ~~I can connect via wireguard to my server BUT~~ through my local network.
When I attempt the connection via the internet side via my mobile - Nope!

(I scanned the 3-d code to ensure my config is right)

I suspect there is a "bridging requirement" to connect the wireguard from the LAN side to the Internet.
Any advice/pointers - anybody?

General Discussion / Re: Connect my NVR device to noip endpoint

« on: September 20, 2024, 10:51:55 pm »

@dseven Thanks for the input.

Option 3 looks good. My only concern is that I am not sure that the clients that are to connect will support wireguard.

Do you have any experience in that regard?

General Discussion / Connect my NVR device to noip endpoint

« on: September 20, 2024, 09:23:29 pm »

Hi all,
Warning! Non-expert here!

BTW I am using 24.7_1

I think I have configured the Noip end correctly. It reflects my WAN ISP DHCP address so I like to believe it is right.
Not sure how to test it?
Also, I am experimenting, so I am using a free account. If this works, I will get a paid for account.

The way I see it, is that the DNS endpoint provided by Noip could be accessed by http//:XXXX.ddns.net. I do not have a cert yet, so it would be HTTP:// [Note: I would be using a proper domain reg. and add to noip, as per the service provided]

To get to the device (NVR) I need to define the mapping from the the the firewall to the device - thus a connection is made between the device and the firewall, and then it should be automatic to connect to the endpoint.
The result being that I will be able to, via a browser, connect to the device and log in.

Assuming the device is on 192.168.40.1 (and OPNSense is 192.168.1.1) I am looking for advice as to where to provide the routing. I am going to assume a firewall rule?

In the LAN pool?
Bidirectional I figure, as the device needs to validate itself ti the DDNS and secondly, allow for when I attempt to connect via http//:XXXX.ddns.net

Any guidance appreciated.

I found https://www.youtube.com/watch?v=i546YF91dHk to be somewhat useful but incomplete for 24.7_1

I found this guide (https://www.cctvcameraworld.com/port-forwarding-for-dvr-and-nvr/) and have enabled ports 80, 554, 37777 and 37778 but it still does not come through.
I have asked NVR manufacturer support for port recommendations to confirm these.

General Discussion / Re: 2 NICs - data in on one and out the other

« on: March 21, 2024, 01:08:58 pm »

Hi,

consider following this https://kb.protectli.com/kb/opnsense-on-proxmox-ve/

In addition, do NOT unless you are doing a lab, run this combo (Proxmox and OPNSense) in a production or home network. Place OPNSense on metal. There is strong advice to not do this. Your call but understand the risks.

Cheers.

Tutorials and FAQs / Re: Help with the WAN & LAN port in mini PC with 2 ethernet using proxmox

« on: March 20, 2024, 10:25:24 pm »

Noob here.

It is unfortunate that you did not get any response.
Hopefully you have come good in your endeavours,

I tried the same thing but with a Mac mini.

What I found was that you had to ensure the ports were well defined in Proxmox and properly configured and tested.
Then you map the OPNSense ports to the Promox ports for WAN/LAN,

I realise that I had it working but had ISP infrastructure challenges.

Lastly, for the record there is a large body of evidence that using Proxmox/OPNSense combination is definitely not advisable. In my case, I switch to OPNSense on the metal. Simple to get started, I followed https://homenetworkguy.com/

Good luck

24.1 Legacy Series / Re: Strange behaviour with fresh install of OPNSense, R86S and SFP+

« on: March 19, 2024, 11:39:04 am »

Hi,

may I suggest you have not permitted ICMP.
Check if you have a rule
Action: Pass
Protocol: ICMP
ICMP subtypes: Echo request
Source: any
Destination: WAN
Description: Allow ping on WAN

I had similar problem on a different platform but same solution

24.1 Legacy Series / Re: Leveraging the 24.1.3 release [ Closed ]

« on: March 19, 2024, 11:11:20 am »

Hi,

Well, I went ahead with the Macmini (2012 & 8GB) as my OPNSense Router with eth and miniport eth 1Gb each)
Works like a dream. I have configured my VLANs etc. Good so far

For the switch I have go ahead with the Mikotik CRS310-iG-5S-4S+ (10G box). It turns out it is a router and a switch! Nevertheless, I have implemented the switch side (SwitchOS) and it is snappy! Seems to be a great buy and is relatively cheap.

I run speedtest-cli at my own Mac Mini and get numbers of 930Mb on a 1Gb WAN! Brilliant!

Now I am in the phase of implementing the VLAN at switch level and finalise the overall implementation. Hopefully with many glitches to overcome.

Thanks to all that provided input on options!

24.1 Legacy Series / Re: Leveraging the 24.1.3 release [ Closed ]

« on: March 12, 2024, 05:08:27 pm »

Hi,
Warning: Noobie here

I have been a recent Ubiquiti user re router and UniFi.
The EdgeRouter has become redundant, and I have moved to OPNSense on a Mac Mini. Works great and seems stable. I also attach the UniFi onto the network, and it is transparent and works, first time!

However, I want to implement vlans/QoS/etc. and my current Netgear smartswitch is NOT suitable (it is to be fair rather old).

The replacement must have at least 8 port of 1Gb or higher. Not fussed re POE as I have been using injectors.

Looking for suggestions please - other than ridiculous overprice switches from "some" vendors.
Any folks with experiences?

24.1 Legacy Series / Re: VLAN issues where MACs are not sticky

« on: March 09, 2024, 10:45:43 pm »

Hi,

OK got it. Next steps I have to do!

Thanks!

24.1 Legacy Series / VLAN issues where MACs are not sticky [ SOLVED ]

« on: March 09, 2024, 10:25:43 pm »

Hi,
Warning: Noobie here and learning.

I have 24.1.3_1 running, and it is petty good

(Been a learning curve!)

I have a simple arrangement of ISP---- > OPNSense -----> netgear GS108T smart switch-----> with 1x Macminis and 1 PC

At the moment, everything is running as 192.168.1.x space
I have defined a number of VLANS.
Now I have taken the PC and assigned it a 192.168.20.x IP in the DHCP definition for the VLAN (i.e. moved PC to VLAN USERS)
I have included that the Firewall has a rule that allows access to the internet from the VLAN

Problem is, the PC cannot connect to the internet via the VLAN; (when the IP is 192.168.20.x) and defers back to an IP 192.168.1.y (I can manually force the IP to 192.168.20.x

So, can somebody confirm that I have to create VLAN definition in switch to enable PC to "bind" to VLAN or not? So that the PC can access the internet)

The corollary is that if I only had a simple switch (and not a smart switch) then I cannot have VLANs.

Is this correct?

24.1 Legacy Series / Re: OPNsense 24.1.2_1 very slow on simple config [ Solved - Updated]

« on: March 09, 2024, 04:44:05 pm »

Hi all,

well, it turns out the Macmini 2012 run OPNSense beautifully. In the interim, I repurposed a PC with 2 eth ports and got it working. Now I have to get the VLANs sorted.

Good news is; moved it back to the Macmini and it is fine. Both eth ports as described are working at 1 Gb.

However the internet is slow from either Macmini or PC. It turn out when testing with speedtest: it depends which server is attached to by speedtest. i.e when connecting to server in the next town I get up to 850Mb, whereas is I connect to server in another town adjacent I crawl at 5Mb max. There is obviously a problem somewhere in the network as provided by my ISP

24.1 Legacy Series / Re: DNSmasq DNS vs Unbound DNS

« on: March 08, 2024, 12:26:10 am »

Hi,
Thought so! Appreciate the response!

24.1 Legacy Series / DNSmasq DNS vs Unbound DNS [ Solved ]

« on: March 07, 2024, 04:41:33 pm »

Hi,

noobie on networks here.
v24.1.3_1
Domestic deployment, macmini ---- > switch ------ > opnsense (PC with 1 buitin nic and 1 pci nic) --- > ISP modem ---- > www
The docs are confusing wrt whether the dnsmasq DNS vs. Unbound DNS.

I take it that only one is to be configured. Can someone confirm this please?

I figure both are not needed as both seem to want to use port 53 and a conflict arises. I change one to port 853 but I see no effect.

Advice please?

24.1 Legacy Series / Re: OPNsense 24.1.2_1 very slow on simple config

« on: March 01, 2024, 09:32:27 pm »

@meyergru – is seems you are right and I am rather disappointed, I will have to find another soln.

Thanks

Pages: [1] 2