Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Topics - skywalker007

Pages: [1] 2 3

22.1 Legacy Series / IPv6 track interface often fails after temporary DSL line failure

« on: May 03, 2022, 12:03:27 pm »

Team,
this is a problem I have for more than a year, so it is not specific to the current version. Nevertheless I wonder how to either fix it or work around it.
My setup is an external VDSL modem with OPNSense initiating a PPPoE session on it.
Unfortunately, the line is suffering from temporary instabilities. So it may break down and OPNsense re-establishes the connection a minute later. The problem I have is that in those cases, IPv6 adress assignment via track interface often fails. I assume this i some kind of timing problem. I can manually fiy this by reloading the PPPoE via Interfaces->Overview->WAN-> PPPoE reload.
However this is a cumbersome manual procedure.
Any ideas?

thanks, Till

22.1 Legacy Series / [Solved][22.1.6][unbound] host overide alias doesn't work

« on: April 29, 2022, 03:18:31 pm »

Hi,
just realized - no matter what I put into the alias dialog, nothing shows up under host override -> alias afterwards. The list stays empty.
Is this a bug?

thanks! Till

22.1 Legacy Series / compatible plugins

« on: January 31, 2022, 05:12:56 pm »

As always, I struggle to find out if alll the plugins I run will be compatible with 22.1.
Is there any way to figure out without trial/error?

thanks!

Zenarmor (Sensei) / Zenarmor and local proxy

« on: January 20, 2022, 11:45:51 am »

For a specific use case, I run a forward proxy server on OPNsense.
However, those clients using the proxy, seem to bypass Zenarmor.
Any recommendation how to configure it to work with a locally installed proxy?

thanks!

21.7 Legacy Series / allow internet access to VLAN6 but block access to other local IPv6 networks?

« on: December 25, 2021, 09:36:02 pm »

I need a quick inspiration:
On IPv4, i can easily create a rule that allows internet access to a certain VLAN and excluding access to other local networks by inverting the destination.
With IPv6 (track interface), I don't have static networks. How would I craft a rule to achieve the same which would work with any IPv6 network assigned to the other interfaces?

thanks, Till

German - Deutsch / Plötzlich Probleme beim Zugriff auf ARD und ZDF Mediathek

« on: November 28, 2021, 11:24:48 am »

Hallo,
hat irgendjemand ähnliche Erfahrung gemacht das der Zugriff auf die Mediatheken vom SmartTV plötzlich hakt? Hat sich durch eines der letzten OPNSense updates da irgendwas verändert?
Ich steh da grad ein bisschen auf dem Schlauch.
VG!

21.1 Legacy Series / update oddities

« on: February 10, 2021, 01:05:13 pm »

Hi,
for a while already I have the problem that one of my firewalls won't update via UI anymore.
It always resonds with

Code: [Select]

"Timeout while connecting to the selected mirror."Updating from shell works. Though it throws a warning:

Code: [Select]

Fetching change log information, please wait... fetch: transfer timed out
fetch: /tmp/changelog/changelog.txz.sig appears to be truncated: 0/1332 bytes

Checking that folder, it is indeed empty:

Code: [Select]

root@OPNsensemil:~ # ls -la /tmp/changelog/
total 8
drwxr-xr-x  2 root  wheel   512 Feb 10 13:01 .
drwxrwxrwt  6 root  wheel  1024 Feb 10 12:59 ..
root@OPNsensemil:~ #

Any advise how to fix this?
I am on 21.1, but this problem existed before.

Update:
this seems to be similar to this:
https://forum.opnsense.org/index.php?topic=21087.msg98506#msg98506

thanks, Till

20.7 Legacy Series / Can pppoE break a DSL sync?

« on: December 02, 2020, 06:54:07 pm »

Not sure if the topic attracts a reader but let me give it a try:

I have, since a few months, the problem that my VDSL connection breaks once or twice a day.
My setup so far was OPNsense with pppoE on WAN -> Draytek Vigor 165 as modem.
It's not only the pppoe that breaks, it is the DSL wich re-syncs and then 2 min later the connection is back.

I replaced the modem - > same issue.
I called the ISP, they came and changed the port in the DSLAM and also the a different pair of cables.
-> same issue.
So I bought an original Telekom Smart 3 router, put it into modem only mode and tried that -> same issue.
So finally, I put the Telekom Smart 3 back into router mode, reconfigured OPNsense to not use pppoe but just send packets to the Telekom router. -> Now the connection is stable.
How can that be? Did OPNsense 20.7 introduce some major changes to the pppoe client that brakes my connection? I can't imagine. I am a bit out of ideas and want my old setup back but I need to get it stabilized (was running well before). I can't really say if this started with the 20.7 upgrade, but it falls into the same timeframe.
Any feedback, suggestions are highly appreciated!
cheers, Till

Zenarmor (Sensei) / Sensei always switches back to bypass mode?

« on: November 01, 2020, 09:02:43 pm »

I am currently testing Sensei on my system and realized that it often switches back to bypass mode automatically.
Why is that?
My VDSL connection is a bit unstable which leads to frequently changing IPv6 addresses on my LAN interfaces. Could that be a reason?
thanks! Till

20.7 Legacy Series / Interfaces lose IPv6 after DSL reconnect

« on: October 28, 2020, 08:52:02 am »

Scenario:
Vigor 165 modem mode
OPNsense runs pppoe on WAN and tags VLAN 7 (Deutsche Telekom)

I am currently having the problem that my VDSL is a bit flaky and loses sync at least twice a day and rebuilds the DSL connection.
When that happens, all my interfaces lose their IPv6 address (all configured to track WAN if).
This can be solved by manually navigating to Interfaces->overview->WAN and hit the "reload" button.

Is that a known issue?

thanks! Till

20.7 Legacy Series / Ubbound ACLs after IPv6 prefix change

« on: October 14, 2020, 03:46:04 pm »

I found this in the archive:
https://forum.opnsense.org/index.php?topic=13196.msg72076#msg72076
I have the same problem with current version. Once IPv6 prefix changes, unbound refuses my queries.
Should OPNsense automatically restart unbound after prefix change? Is this a bug or a feature?

thanks! Till

20.7 Legacy Series / Compatible plugins?

« on: August 28, 2020, 03:58:19 pm »

How can I know if all installed plugins are compatible / available with 20.7 before upgrading?

thanks!

20.1 Legacy Series / How to use monit to reboot firewall when VPN gateway is not reachable for X min

« on: March 13, 2020, 02:59:14 pm »

I am looking for some advise for how to use monit to achieve the following:
I have a remote OPNsense which uses an OPNvpn site to site tunnel to my main site.
Now when the remote OPNsense can't reach the destination gateway, i want to wait for X min and then reboot.
Now after reboot, if it doesn't reconnect - obviously the problem is somewhere else and I want to add an additional delay before rebooting again and so on. Once connection is established it shoud revert back to the default delay of course.
Do I need to write some shell script for that exercise or can monit do it out of the box?

thanks!

20.1 Legacy Series / WireGuard interface assignment

« on: February 16, 2020, 05:00:44 pm »

After long time pushing this out, I have started to migrate my road warriors over to WireGuard.
Quick question on the server side config:
The docu says:

Is that still necessary? The NAT setup also offers me the automatically created WireGuard Interface. Why can’t I use that instead of doing a new assignment?
Thanks!

20.1 Legacy Series / PPPoE logging

« on: February 03, 2020, 10:23:08 am »

Upgraded two boxes yet.
One dials in per PPPoE which works but the is no diagnostic log for PPPoE. The link in the UI is there (Interfaces, Point to Point, Log File), but the log seems empty even though the interface is connected.

Pages: [1] 2 3