Also, posting site A's and site B's server and client settings would help. Specifically:
Tunnel Network
IPv4 Local Network
I'm assuming you are only using IPv4.
Quote from: Julien on November 28, 2018, 11:17:51 PM
Dear all,
I have been struggling to route traffic and running between OPNsense and pfSense.
OPNsense is running 17.7.8
pfSense is running 2.4.4
Both boxes are running OpenVPN version 2.4.6_3.
The tunnel is up on both sides; the issue is we cannot connect from location A to B and the other way around.
This issue is mostly if the tunnel or remote IPs are different, but I've checked them like 100 times.
Can someone please advise me how to get this routing correctly set up.
Thank you so much
Quote from: walkerx on November 28, 2018, 06:50:06 PM
Quote from: Ren on November 28, 2018, 05:06:38 PM
I had actually already looked at that, but still wasn't working
Please see https://forum.opnsense.org/index.php?topic=8710.msg39035#msg39035
I removed all the rules and reapplied the following settings only, any other setting under the Port Forward menu I left at their defaults (never even went into the advanced for Source)
Option
Firewall: NAT: Port Forward
Interface: WAN
TCP/IP Version: IPv4+IPv6
Destination: WAN address
Destination port range: from/to other 32400
Redirect target IP: PlexServer (or IP Address)
Redirect target port: other 32400
Description: Plex Remote Access
Nat reflection: Enable
Filter rule association: Pass
This now seems to be working, but will monitor it for the next 24/48 hours
Quote from: nqnguyen2 on February 08, 2018, 06:05:29 AM
1. Correct, pfBlockerNG is not available.
2. From what I understand, the GeoIP updates every day (Gurus correct me if I'm wrong).
*Source: core/src/opnsense/scripts/filter/lib/alias.py (line 160)
3. All Aliases auto-update, pull information, or populate in the pfTables as soon as you click the Save button.
4. I've tested firehol alias and it's working fine for me.
*Alias has similar settings like yours: https://www.screencast.com/t/YrEu7vG2iyQ2
-Firehol alias using this URL: https://iplists.firehol.org/files/firehol_level1.netset
*pfTables populated immediately after saving the alias: https://www.screencast.com/t/cpZvnqyaI
5. Yes, your firehol alias set for 1 day expiration will update every day.
6. You can force an update by editing the alias, making no changes, and clicking the Save button.
Recommendations
1. Please check your Alias Names and Descriptions. It appears you have multiple typos that can make troubleshooting confusing when your configurations become more complex.
2. Please consider allowing access for a smaller group of aliases vs denying the entire world. This will make your tables smaller, easier to troubleshoot, use less RAM, better performance, etc.
Quote from: bobbythomas on December 12, 2017, 06:45:09 AM
I think you might have configured the proxy incorrectly. Are you using letsencrypt cert for ssl inspection? You cannot use letsencrypt for ssl inspection, you will need an internal CA or self signed cert. Please go through the proxy documentation once again.
Thank you,
Regards,
Bobby Thomas
Dec 10 04:48:57 OPNsense kernel: ahc_isa_identify 0: ioport 0xc00 alloc failed
Dec 10 04:48:57 OPNsense kernel: ahc_isa_identify 1: ioport 0x1c00 alloc failed
Dec 10 04:48:57 OPNsense kernel: ahc_isa_identify 2: ioport 0x2c00 alloc failed
Dec 10 04:48:57 OPNsense kernel: ahc_isa_identify 3: ioport 0x3c00 alloc failed
Dec 10 04:48:57 OPNsense kernel: ahc_isa_identify 4: ioport 0x4c00 alloc failed
Dec 10 04:48:57 OPNsense kernel: ahc_isa_identify 5: ioport 0x5c00 alloc failed
Dec 10 04:48:57 OPNsense kernel: ahc_isa_identify 6: ioport 0x6c00 alloc failed
Dec 10 04:48:57 OPNsense kernel: ahc_isa_identify 7: ioport 0x7c00 alloc failed
Dec 10 04:48:57 OPNsense kernel: ahc_isa_identify 8: ioport 0x8c00 alloc failed
Dec 10 04:48:57 OPNsense kernel: ahc_isa_identify 9: ioport 0x9c00 alloc failed
Dec 10 04:48:57 OPNsense kernel: ahc_isa_identify 10: ioport 0xac00 alloc failed
Dec 10 04:48:57 OPNsense kernel: ahc_isa_identify 11: ioport 0xbc00 alloc failed
Dec 10 04:48:57 OPNsense kernel: ahc_isa_identify 12: ioport 0xcc00 alloc failed
Dec 10 04:48:57 OPNsense kernel: ahc_isa_identify 13: ioport 0xdc00 alloc failed
Dec 10 04:48:57 OPNsense kernel: ahc_isa_identify 14: ioport 0xec00 alloc failed
module_register_init: MOD_LOAD (vesa, 0xffffffff81149b90, 0) error 19
Quote from: franco on December 11, 2017, 02:06:32 PM
Maybe this is a console setting: System: Settings: Administration, choose "EFI" as primary console.
Cheers,
Franco