Messages

16

17.7 Legacy Series / Re: Unable to upgrade from 17.1.11

« on: August 07, 2017, 10:39:59 pm »

Hi,

today I just retried to update (from GUI) and, voila, update worked.

Very very strange.

17

17.7 Legacy Series / Re: Unable to upgrade from 17.1.11

« on: August 06, 2017, 07:38:25 am »

I tried with default, OPNSense Amsterdam with same result.

Now, i just retried with this result:

Fetching packages-17.7-LibreSSL-amd64.tar: ......... done
Fetching base-17.7-amd64.obsolete: ... done
Fetching base-17.7-amd64.txz: ..................................Signature for file not available.
 failed

18

17.7 Legacy Series / Unable to upgrade from 17.1.11

« on: August 05, 2017, 07:56:01 pm »

Hi,

I tried to upgrade but get this error when I try to upgrade (from GUI or from ssh):

Fetching base-17.7-amd64.obsolete: .............................................................opnsense-verify: Unable to open /var/cache/opnsense-update/41418/base-17.7-amd64.obsolete: No such file or directory
 failed


Can you help me?

TIA


Note: I use /var and /tmp in memory
Note2: In the log file I found this:

configd.py: [1b18a9de-e07f-4353-8121-ad3ef316fb82] Script action stderr returned "pkg: Repository OPNsense has a wrong packagesite, need to re-create database"

19

17.1 Legacy Series / Squid and MultiWAN

« on: March 17, 2017, 04:30:56 pm »

Hi,

in my configuration I would like to use WebProxy (forward proxy) with a sort of multiwan configuration.

In my opnsense box, I configured VPN clients (3 openvpn clients) and a gateway group with these 3 openvpn connections: until now  I used this group (with some firewall rules) to force the use of vpn group for some LAN clients traffic and all works good.

Now I would like to add also a web proxy (squid) with the above vpn group: so I enabled and configured proxy (not transparent).

I know squid proxy uses, by default, only default gateway (WAN gateway) and in this mode all works good but I want to force to use only vpn group.

So I read many guides about this argument and I tried to use floating rules for http/https ports, I tried also to add "tcp_outgoing_address 127.0.0.1" in squid template but with no success: can you point me on right direction?

Thanks in advance

20

Italian - Italiano / Re: Benvenuti

« on: February 26, 2017, 08:52:20 pm »

Ciao Fabio,

Anche io una ftth Vodafone ed uso opnsense in cascata alla station revolution ma non serve ne' dmz  né  nat e francamente sono piuttosto soddisfatto della soluzione.

Trovo comunque molto interessante la tua proposta e potresti postarla direttamente sulle sezioni relative alla versione 17.1 (ovviamente traducendola in inglese).

Ciao

21

17.1 Legacy Series / Re: Upgrade from 16.7.14: Firewall rules doesn't works as before

« on: February 02, 2017, 05:54:39 pm »

Thanks franco,

but my problem is not linked to IPSec: I use some rules on LAN side with a specific gateway group (I sent yesterday my two /tmp/rules.debug files, one for 16.7 and one for 17.1).

Thanks

22

17.1 Legacy Series / Re: Upgrade from 16.7.14: Firewall rules doesn't works as before

« on: February 02, 2017, 05:29:33 pm »

Hi,

these is any news about this?

Thanks

23

17.1 Legacy Series / Re: Upgrade from 16.7.14: Firewall rules doesn't works as before

« on: February 01, 2017, 07:59:02 pm »

Hi,

I just sent via email my two rules.debug files, one from 16.7 (working) and other from 17.1 (not working).

24

17.1 Legacy Series / Upgrade from 16.7.14: Firewall rules doesn't works as before

« on: January 31, 2017, 08:18:29 pm »

HI,

I just upgraded from 16.7.14 version and all seems works very well but not firewall rules.

I have some firewall rules (LAN Tab) to force VPN use on my LAN net: with 16.7.14 all works well but with 17.1 (I haven't modify any configuration) same rules doesn't works anymore.

Can you give me some advice?

Thanks in advance

P.S.: Now I reverted to 16.7.14 (Vmware machine) but I will try also with a fresh installation

25

16.7 Legacy Series / Gateway group: connections not really balanced

« on: November 03, 2016, 08:56:09 pm »

Hi,

I am using a gateway group with my 3 VPN connections (I use opnsense as Openvpn client): I defined group (all three connections are tier 1) and firewall rules and all works very good but these 3 connections are not really balanced.

One of these is used at 80%, the others two at 10% each (I see these statistics from OpenVPN->Connection Status).

I think this is not normal: can you help me?

TIA

26

General Discussion / Re: Openvpn mono thread solution: Softether

« on: August 21, 2016, 03:52:24 pm »

At this moment I use OPNSense as VPN gateway to VPN Internet provider (like StrongVPN, AirVPN, ExpressVPN and so on): I configured OPNSense (firewall outbound with specific rules) to use this VPN connection from some (but not all) LAN hosts.

I would like to substitute Openvpn with softether on opnsense: at this moment I think is not possible. Am i right?

Maybe I must to install Softether client on a Linux host and use it as gateway for every LAN hosts that need a VPN connection.

27

General Discussion / Re: Openvpn mono thread solution: Softether

« on: August 20, 2016, 04:49:58 pm »

Thanks Bill,

I would prefer to run it on OPNsense (as a complete openvpn substitute) but at this moment I can also use an another machine: but in my case I don't need SoftEther server but only as the client version.

So I could use a VPS with SoftEther server (and Softether client on a my internal machine) or I can use a VPN provider compatible with Softether: what do you think?


Alex

28

General Discussion / Openvpn mono thread solution: Softether

« on: August 19, 2016, 11:19:16 pm »

Hi,

From my point of view, Openvpn main problem is mono thread (and mono core) restriction.

I found Softether solution and I read about opnsense package in an old thread: there is any news about softether inclusion on opnsense ( for example GUI)?

THanks in advance

29

16.7 Legacy Series / OpenVPn (client) and gateway

« on: August 11, 2016, 08:43:52 pm »

I reinstalled 16.7.1 version from scratch.

I configured Openvpn client to a VPN provider: VPN connection is established without problems (I used "don't pull route" in the client configuration).

Then I created a new interface (based on opvnc1): at this point Opnsense created a new gateway with 255.255.255.0 as address (from Gateways->Status).

It's normal?

TIA

30

Italian - Italiano / Re: Benvenuti

« on: August 05, 2016, 07:42:58 pm »

Tra l'altro burghy, ho visto che vuoi tradurre l'interfaccia in italiano: se hai bisogno di un aiuto, fammelo sapere.