Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - framura

#16
Hi,

today I just retried to update (from GUI) and, voila, update worked.

Very very strange.

#17
I tried with default, OPNSense Amsterdam with same result.

Now, i just retried with this result:

Fetching packages-17.7-LibreSSL-amd64.tar: ......... done
Fetching base-17.7-amd64.obsolete: ... done
Fetching base-17.7-amd64.txz: ..................................Signature for file not available.
failed


#18
17.7 Legacy Series / Unable to upgrade from 17.1.11
August 05, 2017, 07:56:01 PM
Hi,

I tried to upgrade but get this error when I try to upgrade (from GUI or from ssh):

Fetching base-17.7-amd64.obsolete: .............................................................opnsense-verify: Unable to open /var/cache/opnsense-update/41418/base-17.7-amd64.obsolete: No such file or directory
failed


Can you help me?

TIA


Note: I use /var and /tmp in memory
Note2: In the log file I found this:

configd.py: [1b18a9de-e07f-4353-8121-ad3ef316fb82] Script action stderr returned "pkg: Repository OPNsense has a wrong packagesite, need to re-create database"


#19
17.1 Legacy Series / Squid and MultiWAN
March 17, 2017, 04:30:56 PM
Hi,

in my configuration I would like to use WebProxy (forward proxy) with a sort of multiwan configuration.

In my opnsense box, I configured VPN clients (3 openvpn clients) and a gateway group with these 3 openvpn connections: until now  I used this group (with some firewall rules) to force the use of vpn group for some LAN clients traffic and all works good.

Now I would like to add also a web proxy (squid) with the above vpn group: so I enabled and configured proxy (not transparent).

I know squid proxy uses, by default, only default gateway (WAN gateway) and in this mode all works good but I want to force to use only vpn group.

So I read many guides about this argument and I tried to use floating rules for http/https ports, I tried also to add "tcp_outgoing_address 127.0.0.1" in squid template but with no success: can you point me on right direction?

Thanks in advance

#20
Italian - Italiano / Re: Benvenuti
February 26, 2017, 08:52:20 PM
Ciao Fabio,

Anche io una ftth Vodafone ed uso opnsense in cascata alla station revolution ma non serve ne' dmz  nĂ©  nat e francamente sono piuttosto soddisfatto della soluzione.

Trovo comunque molto interessante la tua proposta e potresti postarla direttamente sulle sezioni relative alla versione 17.1 (ovviamente traducendola in inglese).

Ciao
#21
Thanks franco,

but my problem is not linked to IPSec: I use some rules on LAN side with a specific gateway group (I sent yesterday my two /tmp/rules.debug files, one for 16.7 and one for 17.1).

Thanks
#22
Hi,

these is any news about this?

Thanks
#23
Hi,

I just sent via email my two rules.debug files, one from 16.7 (working) and other from 17.1 (not working).

#24
HI,

I just upgraded from 16.7.14 version and all seems works very well but not firewall rules.

I have some firewall rules (LAN Tab) to force VPN use on my LAN net: with 16.7.14 all works well but with 17.1 (I haven't modify any configuration) same rules doesn't works anymore.

Can you give me some advice?

Thanks in advance

P.S.: Now I reverted to 16.7.14 (Vmware machine) but I will try also with a fresh installation
#25
Hi,

I am using a gateway group with my 3 VPN connections (I use opnsense as Openvpn client): I defined group (all three connections are tier 1) and firewall rules and all works very good but these 3 connections are not really balanced.

One of these is used at 80%, the others two at 10% each (I see these statistics from OpenVPN->Connection Status).

I think this is not normal: can you help me?

TIA
#26
At this moment I use OPNSense as VPN gateway to VPN Internet provider (like StrongVPN, AirVPN, ExpressVPN and so on): I configured OPNSense (firewall outbound with specific rules) to use this VPN connection from some (but not all) LAN hosts.

I would like to substitute Openvpn with softether on opnsense: at this moment I think is not possible. Am i right?

Maybe I must to install Softether client on a Linux host and use it as gateway for every LAN hosts that need a VPN connection.
#27
Thanks Bill,

I would prefer to run it on OPNsense (as a complete openvpn substitute) but at this moment I can also use an another machine: but in my case I don't need SoftEther server but only as the client version.

So I could use a VPS with SoftEther server (and Softether client on a my internal machine) or I can use a VPN provider compatible with Softether: what do you think?


Alex
#28
Hi,

From my point of view, Openvpn main problem is mono thread (and mono core) restriction.

I found Softether solution and I read about opnsense package in an old thread: there is any news about softether inclusion on opnsense ( for example GUI)?

THanks in advance
#29
16.7 Legacy Series / OpenVPn (client) and gateway
August 11, 2016, 08:43:52 PM
I reinstalled 16.7.1 version from scratch.

I configured Openvpn client to a VPN provider: VPN connection is established without problems (I used "don't pull route" in the client configuration).

Then I created a new interface (based on opvnc1): at this point Opnsense created a new gateway with 255.255.255.0 as address (from Gateways->Status).

It's normal?

TIA
#30
Italian - Italiano / Re: Benvenuti
August 05, 2016, 07:42:58 PM
Tra l'altro burghy, ho visto che vuoi tradurre l'interfaccia in italiano: se hai bisogno di un aiuto, fammelo sapere.