Messages

1

20.1 Production Series / How to use monit to reboot firewall when VPN gateway is not reachable for X min

« on: March 13, 2020, 02:59:14 pm »

I am looking for some advise for how to use monit to achieve the following:
I have a remote OPNsense which uses an OPNvpn site to site tunnel to my main site.
Now when the remote OPNsense can't reach the destination gateway, i want to wait for X min and then reboot.
Now after reboot, if it doesn't reconnect  - obviously the problem is somewhere else and I want to add an additional delay before rebooting again and so on. Once connection is established it shoud revert back to the default delay of course.
Do I need to write some shell script for that exercise or can monit do it out of the box?

thanks!

2

20.1 Production Series / Re: WireGuard interface assignment

« on: February 20, 2020, 05:10:13 pm »

No, thats good, be picky
Indeed, it's some time ago when I wrote it down, maybe I'm wrong (was).
So can you verify it works also without assigning?

It does work well without manual interface assignment.

3

20.1 Production Series / Re: WireGuard interface assignment

« on: February 18, 2020, 05:14:19 pm »

Thanks. I will.

4

20.1 Production Series / Re: WireGuard interface assignment

« on: February 18, 2020, 04:51:31 pm »

Is that what you mean by “filter some streams out of it”? Ok. I read the chapter differently. For me it sounds like “ in any case where you want to route all traffic through vpn, assign an Interface manually.”  Sorry for being picky on this, but I just want to improve this with my feedback. 

5

20.1 Production Series / Re: WireGuard interface assignment

« on: February 18, 2020, 03:49:22 pm »

thanks a lot, that answers the question. Might be worth adapting the documentation.

6

20.1 Production Series / Re: WireGuard interface assignment

« on: February 18, 2020, 07:17:47 am »

Like this:

WG0 is a manually assigned Interface according to the docu. The other one is auto created I guess. Does it matter which one to use? Why would I need to manually assign an interface anyway?
Thanks a lot!

7

20.1 Production Series / WireGuard interface assignment

« on: February 16, 2020, 05:00:44 pm »

After long time pushing this out, I have started to migrate my road warriors over to WireGuard.
Quick question on the server side config:
The docu says:

Is that still necessary? The NAT setup also offers me the automatically created WireGuard Interface. Why can’t I use that instead of doing a new assignment?
Thanks!

8

20.1 Production Series / Re: PPPoE logging

« on: February 03, 2020, 02:58:24 pm »

Can you check via console: clog /var/log/ppps.log ?

Yep. Just did. The log is there and it contains the records from this mornings reconnect after upgrade/reboot.

9

20.1 Production Series / PPPoE logging

« on: February 03, 2020, 10:23:08 am »

Upgraded two boxes yet.
One dials in per PPPoE which works but the is no diagnostic log for PPPoE. The link in the UI is there (Interfaces, Point to Point, Log File), but the log seems empty even though the interface is connected.

10

19.7 Legacy Series / Re: IPv6 ULA + track interface

« on: January 17, 2020, 09:06:00 am »

Thanks for the feedback Maurice,
How do other handle scenarios like this? It doesn’t seem so uncommon.
- Till

11

19.7 Legacy Series / IPv6 ULA + track interface

« on: January 15, 2020, 01:09:02 pm »

Can someone advise me how to setup IPv6 properly for the following scenario:

4 VLANS
IPv6 assignment to all VLANS via track interface WAN -> works
IPv6 may change during DSL - reconnect (Deutsche Telekom).

piHole as a DNS server in VLAN-DMZ should be reachable as IPv6 DNS server. As my public IPv6 adresses may change, I cannot assign statically an adress from my public range to piHole. Distributing a dynamic adress for a DNS server sounds like a bad idea.
So my idea (open for others) is to assign ULA adresses in addition to the public ones. Then I can distribute the piHole ULA adress via DHCP6 to the clients and they can reach the DNS server.

So far the idea. I couldn't figure out how to set this up in OPNsense though. How can I assign ULA static addresses in addition to the dynamic ones?

thanks!

12

19.7 Legacy Series / Re: [Solved] Sonos on VLANS

« on: January 14, 2020, 11:38:44 am »

Also - keep in mind, I am on the release, not dev. So I am running 19.7.9.

13

19.7 Legacy Series / Re: [Solved] Sonos on VLANS

« on: January 14, 2020, 11:37:20 am »

Happy to volunteer for testing.
just let me know what to do with the manually installed pieces (rename/leave there but stop/whatever).
cheers!

14

19.7 Legacy Series / Re: [Solved] Sonos on VLANS

« on: January 12, 2020, 12:50:34 pm »

Ok, I can confirm this works.
I have not tried replacing  my IGMPproxy for IPTV. I am just running a single instance of the relayproxy for port 1900 for Sonos and that works.
Many thanks for all who contributed to the solution, especially @marjohn56.

15

19.7 Legacy Series / Re: [Solved] Sonos on VLANS

« on: January 10, 2020, 01:36:02 pm »

The archive contains all you need and a docx file ( sorry using windoze ).

No worries, even my mac can display that docx format :-)