
Messages - bartjsmit

#32
Quote from: Ryushin on March 20, 2025, 12:07:05 AM
It solves a few of my problems but not for external access to my server.

Check out tailscale funnel or cloudflared
#33
Yes! :-)

Also think about setting up NTP across your network which in itself is an important security measure against replay attacks and to correlate security events in various logs.
#34
Did you approve the subnet route in your tailnet admin console? It's under edit route settings for the firewall node.
#35
Try testing with a client that has more and better tools - e.g. a laptop tethered to your phone or connected to a phone hotspot.

Can you resolve names from Unbound? What about your domain name?

Also consider setting a floating rule to allow ICMP everywhere while you are testing
#36
Open your Tailscale admin console, click the DNS tab, Add nameserver, Custom, enter the Tailscale IP address of your firewall, toggle 'Restrict to domain' and enter your domain.uk DNS domain.

BTW, if you install a reverse proxy on your server (Traefik, Caddy, NPM, etc.) you can configure it so your clients will not have to add the 30032 port.
#37
Beware of shotgun debugging. http://www.catb.org/jargon/html/S/shotgun-debugging.html

Install Wireshark and find out what is happening on Windows. You can also use it to visualise packet traces from OPNsense, should the need arise. https://www.wireshark.org/

Bart...
#38
The PPPoE log used to be separate but in 25.1 it is under System: Log Files: General
#39
Quote from: Old_Rager on March 03, 2025, 03:00:15 AM
I tried reaching out to my NUC manufacturer
Intel sold the NUC product line to Asus. Most NUCs have a header that mirrors the power switch. https://www.intel.com/content/www/us/en/support/articles/000007309/intel-nuc.html which is what I use for remote power control.

USB keyboards are handled by the BIOS while BT usually needs OS support, thus making them less suitable for emergency reboots.

Bart...
#40
Bin all smartphones in the house. This is not a joke; you can only completely fix this at the client end. https://www.amazon.co.uk/dp/B0B6WLBKKR

You will obviously have to discuss your reasons for wanting to ban social media but that goes for any solution you propose.
#41
Can you post to a site that doesn't require a Google account please?
#42
Why are the cameras outside the NVR subnet? If you are keeping the NVR as a router, you need a static route on OPNsense for 192.168.254.0/24 via 192.168.22.123.

It would be much simpler if the NVR and the cameras were all on a flat VLAN.
#43
Quote from: LisaMT on February 27, 2025, 04:57:51 AM
port forward from the incoming port of 1234 to port 80 on 192.168.10.5
Modern browsers will warn sternly about unencrypted HTTP and force users to click twice before accessing your site. If you are using port 80 for ACME, you may be better off with cloudflared which avoids opening ports and includes a PKI certificate.

There are many YT videos to help you, such as this one from Chris Sherwood https://youtu.be/ZvIdFs3M5ic
#45
Can you try with a Linux client such as WSL on Win 10? You can then run the OpenVPN binary with the client .ovpn in the foreground and get more diagnostics with:

openvpn --verb 4 myconfig.ovpn