106
General Discussion / Re: Can opnsense do "Full cone NAT" ?
« on: April 03, 2020, 08:20:09 pm »
Yes, it can, the documentation is always a good place to start: https://docs.opnsense.org/manual/nat.html#one-to-one
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
107
19.7 Legacy Series / Logging/targets - a comment and a question
« on: August 31, 2019, 03:49:56 pm »
I've just been looking at using the Logging/Targets and (to me) it seems rather odd to have a drop-down box on the page that has "Nothing selected", to me that seems to imply that no 'Applications/log levels/facilities have been selected.
If you look at the Full Help and see that it says this:
I would guess that the definition of 'omit' in this usage wouldn't be that clear to most people and perhaps it would be better to have "All Selected" (and have them ticked in the drop-down) as the initial 'selection' to make it clear that all of the items in the drop down list have been selected?
If you look at the Full Help and see that it says this:
Quote
Choose which levels to include, omit to select all
I would guess that the definition of 'omit' in this usage wouldn't be that clear to most people and perhaps it would be better to have "All Selected" (and have them ticked in the drop-down) as the initial 'selection' to make it clear that all of the items in the drop down list have been selected?
108
19.7 Legacy Series / Re: Since update 19.7 NAT Translastion don't work
« on: August 26, 2019, 07:19:34 am »
What you have there is "double nat" and that's never a good idea at the best of times. You should put the Livebox in Bridge Mode (can it do bridge mode?) and pass your public IP address to OPNsense, that's the better method and it's what I do with my Freebox.
If your Livebox can't do bridge mode then you'd be better purchasing a suitable modem and using that, any of the French/Orange forums should give you a good idea on what would be the best choice.
If your Livebox can't do bridge mode then you'd be better purchasing a suitable modem and using that, any of the French/Orange forums should give you a good idea on what would be the best choice.
109
Tutorials and FAQs / Re: Help on my first setting - no internet
« on: August 24, 2019, 05:48:13 pm »
If you can ping by IP address and not by domain name it would indicate that you have a DNS problem, that's also indicated by this error you've posted:
Code: [Select]
ping: cannot resolve www.google.com: Host name lookup failureDo you actually have a DNS server installed and/or specified on the LAN?
110
19.7 Legacy Series / Re: Problem running cron job
« on: August 17, 2019, 07:47:02 am »
Strangely, this seems to now be working. The only thing I did was to change the schedule to every 30 minutes, this morning I checked and the jobs have been running overnight.
111
19.7 Legacy Series / Re: Problem running cron job
« on: August 16, 2019, 06:47:43 pm »
Just for clarification, this is just a bash script I'm trying to run via cron. It does work when manually run and it also runs when OPNsense is rebooted but it only runs once and never on the set schedule of 5 minutes (that's just for testing) after it's first run.
Is there any way to debug why a cron job isn't being run on it's set schedule? Does anyone else see this problem?
Is there any way to debug why a cron job isn't being run on it's set schedule? Does anyone else see this problem?
112
19.7 Legacy Series / [Resolved] Problem running cron job
« on: August 14, 2019, 08:01:12 pm »
I currently have the 19.7.2 release installed and it seems getting a cron job to run has changed since I last did this. 
Because of a problem with my 'box' that connects me to the internet where I occasionally lose all outside contact I need to reboot this at that point to regain my connection.
First of all I went to the UI and System/Settings/cron and tried to add a new job there only to find a pre-existing list of command that couldn't be modified or new ones added. Checked the documentation here https://docs.opnsense.org/manual/settingsmenu.html?highlight=cron#cron which basically confirmed I was looking at the correct screen.
It was only when I found this site http://kb.unixservertech.com/other/networking/opnsense/cron-jobs that I discovered configd is now used.
I have a script that checks my connection to the internet by basically sending a ping to several sites and if it fail it will reboot my 'box' to restore the connection. I duly recreated a new config file for configd, restarted the service and tested that it ran my script correctly, it did and entered several entries in the log file. I'd also created a new cron job using my config file a the 'job' and set it to be run every five minutes. After that, nothing! The script does not run and no further entries appear in the log file.
I've currently placed my script in "/etc/rc.conf.d/scripts" (is there somewhere more appropriate?) and the config file contains this:
Is there something obvious I might have missed or anything else that needs to be checked to get this cron job working?
Sorry about the long post.
Because of a problem with my 'box' that connects me to the internet where I occasionally lose all outside contact I need to reboot this at that point to regain my connection.
First of all I went to the UI and System/Settings/cron and tried to add a new job there only to find a pre-existing list of command that couldn't be modified or new ones added. Checked the documentation here https://docs.opnsense.org/manual/settingsmenu.html?highlight=cron#cron which basically confirmed I was looking at the correct screen.
It was only when I found this site http://kb.unixservertech.com/other/networking/opnsense/cron-jobs that I discovered configd is now used.
I have a script that checks my connection to the internet by basically sending a ping to several sites and if it fail it will reboot my 'box' to restore the connection. I duly recreated a new config file for configd, restarted the service and tested that it ran my script correctly, it did and entered several entries in the log file. I'd also created a new cron job using my config file a the 'job' and set it to be run every five minutes. After that, nothing! The script does not run and no further entries appear in the log file.
I've currently placed my script in "/etc/rc.conf.d/scripts" (is there somewhere more appropriate?) and the config file contains this:
Code: [Select]
[reload]
command:/etc/rc.conf.d/scripts/freebox-check
parameter: %s
type:script
message:Check Freebox Internet Connection
description:Freebox Connectivity CheckIs there something obvious I might have missed or anything else that needs to be checked to get this cron job working?
Sorry about the long post.
113
Hardware and Performance / Re: Hyperthreading is vailable in 19.1.x?
« on: July 10, 2019, 02:51:22 pm »Isn't this Intel-only .. ?Yes HT Technology is Intel and the equivalent for AMD it is SMT (i.e. multiple threads) but the SOC model above appears to have 4 cores on the chip and that's just physical cores not SMT.
114
19.7 Legacy Series / Re: HyperV installation never starts
« on: May 25, 2019, 03:59:53 pm »
You've posted the same message in two different forums and those are the 19.1 Production Series and the 19.7 Development Series -any particular reason for that and which version are you actually trying to install?
115
19.1 Legacy Series / Re: what the hell is a C++ compiler doing on my system ???
« on: February 25, 2019, 03:58:21 pm »Hello,Shouldn't you be asking that on a pFsense forum?
Searching for big files on my system I found really unexpected things on pfSense...
116
General Discussion / Re: Help request: how to debug DNS resolve error in Unbound<>Bind setup
« on: January 12, 2019, 03:02:08 pm »I get a DNS_PROBE_FINISHED_NXDOMAIN DNS error on www.synology-forum.nl of which I am sure it exists.That would undicate the domain does not exist according to your DNS resolver.
If I disable the BIND forward, Unbound resolves the URL without problems.That would indicate that the website is on a 'blacklist' and therefore gives the error I've quoted above, that's what a blacklist is for. You need to remove that domain name entry from your blacklist.
Big Question: what is causing Bind to not resolve the url?
117
Intrusion Detection and Prevention / Re: Enabling IPS kills internet connection - fresh install and simple network
« on: January 12, 2019, 12:03:46 pm »
It works fine for me (and plenty of others). 
I'll start with some of the usual questions. Is this a VM or real hardware? If it's a VM, which hypervisor? Which NIC driver are you using (if a (VM)? If it's not an E100 driver, it should be. Have you disabled all the 'offload' functions as mentioned in the documentation? What are the specs of your hardware for OPNsense? Have you looked at any of the other forum posts that cover this topic (a search will find them for you)?
I'll start with some of the usual questions. Is this a VM or real hardware? If it's a VM, which hypervisor? Which NIC driver are you using (if a (VM)? If it's not an E100 driver, it should be. Have you disabled all the 'offload' functions as mentioned in the documentation? What are the specs of your hardware for OPNsense? Have you looked at any of the other forum posts that cover this topic (a search will find them for you)?
118
General Discussion / Re: Ultimate noob unable to access web gui for OPNsense VM
« on: December 31, 2018, 06:10:29 pm »As the title states, I'm a complete noob to the Linux firewall scene. I set up PiHole some time ago and have enjoyed monitoring my DNS traffic, so I figured this was the next logical step in gaining more control over my home network.The first thing to mention is that OPNsense is not a Linux firewall it's actually FreeBSD.
I have seemingly successfully installed OPNsense as a virtual machine. The VM is installed via KVM on my machine running Ubuntu 18.04.1 LTS and Cockpit. Cockpit shows my VM as running. I am able to access the VM via SSH, but I am unable to access the web gui.What is the IP address of your OPNsense VM? Can you telnet to port 443 on that IP? If you can then you should be able to got to the IP address using "https" in any browser. Did you also go through the initial configuration of the server via the konsole after you installed it?
For reference, 192.168.1.2:9090 takes me to my Cockpit gui from any machine on my LAN. So I would assume I would connect to OPNsense via 192.168.1.2:<someport>? I've tried searching around for this, but to no avail. I'm probably just doing something stupid.
119
Spanish - Español / Re: FREEBSD LENTO
« on: December 12, 2018, 01:58:27 pm »He visto en foros que la gente dice que el FREEBSD es lento, de echo estoy intentando acelerar mi firewall pero no hay manera, es eso cierto?The answer is still "no", the same as your other thread.
You really shouldn't post duplicate messages in a forum (even in different languages) as people don't know which thread to follow or reply to.
120
18.7 Legacy Series / Re: upgrade to 18.7 stuck
« on: November 24, 2018, 11:51:52 am »
How about saving your current configuration then doing a clean install and importing the configuration into that?