OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of Hektor »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - Hektor

Pages: 1 [2]
16
General Discussion / Hyper-V VM for fault tolerance with CARP and active/active firewall?
« on: January 24, 2016, 03:59:17 pm »
Hello,

I wonder if it's supported to set up 2 OPNsense firewalls as two separate but identically configured virtual machines on Microsoft Hyper-V Server 2012 R2 with full CARP support?

I know that it's possible to set up an active/active firewall with CARP from some years ago when CARP was introduced to and by OpenBSD. I did that with "real" hardware though :-)

I need the following functionalities:
- NAT and basic firewall rules
- if available some content filtering especially for HTTP and SMTP/mail traffic
- perhaps some HTTP proxy/squid
- perhaps some guest network access
- perhaps some snort/IDS/amavisd
- perhaps some monitoring with darkstat/ntop or something similar

Since the current firewall is just a so called "FRITZ!Box" (some very nice and stable Linux-based hardware router) everything above that is better :-)

If it's possible:
How could I install and configure the 2nd VM? Can I simply export the 1st Hyper-V VM with all settings, VHDX files etc. and set it up on another Hyper-V host? Changing hostname, IP addresses and setting up CARP, of course.

Has anybody done this before? Perhaps with pfSense?

Regards

17
15.7 Legacy Series / Re: bandwidth monitoring
« on: January 07, 2016, 04:30:27 pm »
I've just tested it with the local LAN interface, working great so far :-)

I only got an error with "pkg -f" but it was installed anyways. The "-f" parameter seems to be unknown/illegal.

FYI: darkstat is listening on port 667/tcp so point your browser to http://yourLAN:667 and you see some details.

Since I'm pretty new to FreeBSD (was using OpenBSD some years ago tough...) can someone point me in the right direction to run darkstat after a reboot? Probably during some rc.d magic but each system is different here...

18
15.7 Legacy Series / Re: bandwidth monitoring
« on: January 05, 2016, 05:31:54 pm »
*push*

One of the reasons I registered to this forum was to ask the exact same question :-)

I'm used to some "old" Astaro appliances which had *a lot* of monitoring based on IP addresses, generated traffic filtered by time and amount etc.

I didn't see any options for that kind of monitoring, too.

Seems that there are some tools like bandwidthd, darkstat, ntop etc. which seem to work with pfSense (or did with some version at least). Is that a supported option to install these tools on OPNsense since it's based on pfSense and FreeBSD?

Any chance to get such packages for OPNsense natively with full GUI support?

Regards

Pages: 1 [2]
OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2