Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Topics - jorgevisentini

Pages 1 2
#21
17.7 Legacy Series / Zabbix Agent
August 11, 2017, 10:12:45 PM
Hi everybody!

I did install the Zabbix Agent and its worked, but the outgoing interface (net.if.out) dont return the values, only number zero.

Interesting that the ingoing interface (net.if.in) work...

hazabbix01:~ # zabbix-get -s 10.200.16.1 -p 10050 -k net.if.in[xn0]
6885748617
hazabbix01:~ # zabbix-get -s 10.200.16.1 -p 10050 -k net.if.out[xn0]
0
hazabbix01:~ #

I did install 2.4.7, 2.4.8 and 3.2.6 and both dont worked both OPNSense 16 and 17 version.
Also i did try install in OPNSense 17 and 16 version and in 16 version it worked with 2.4.7 Zabbix Agent.
#22
17.1 Legacy Series / Maximum Lifetime IPsec configuration
July 24, 2017, 05:24:09 PM
Hi everyone!

I do not know if it's with the community of OPNSense or with the community and strongSwan documentation. But does anyone know what the maximum time I can put in the Phase 1 and Phase 2 "Lifetime" fields of IPsec settings?

Thanks!
#23
Development and Code Review / IPsec Failover project...
July 17, 2017, 04:49:41 PM
Hello everyone.

I want very much to have the IPsec failover feature as well as multiple enterprise distributions have it.

I believe this is a very important and excencial feature that would cause the OPNsense stay above the other opensource market distros.

I do not know if the development staff is already thinking about implementing ...

I know that it is an advanced resource and very complicated to implement, but I am willing to participate in some project, since I really need this functionality ...

How can we start such a project? If there is anyone else interested, it would be better.

Thank you all!
#24
17.1 Legacy Series / Firewall rules - downgrade all packages.
July 12, 2017, 04:01:36 PM
Hello!

I installed OPNSense 17.1.4 and immediately upgraded to version 17.1.9.

From then on the firewall rules such as ping, ssh no longer worked.

If I disable the firewall works perfectly.

I have production versions 17.1.8, 17.1.7 and 16.x.x running perfectly.

Is there a way I can downgrade?

I know you have opnsense-revert, but it's package-by-package.

Can you downgrade all packages at one time?
#25
16.7 Legacy Series / IPsec - unable to query SAD entry with SPI
June 30, 2017, 06:04:21 AM
Hello,

I have just closed 2 IPsec tunnels with a Fortinet and I am having communication with ping and other protocols, however I am getting the message below:

Jun 30 00:56:55 charon: 04 [KNL] unable to query SAD entry with SPI cc41f65b: No such file or directory (2)
Jun 30 00:55:43 charon: 08 [KNL] unable to query SAD entry with SPI cc41f65b: No such file or directory (2)
Jun 30 00:54:03 charon: 05 [KNL] unable to query SAD entry with SPI cc41f65b: No such file or directory (2)
Jun 30 00:49:56 charon: 05 [KNL] unable to query SAD entry with SPI cc41f65b: No such file or directory (2)
Jun 30 00:48:45 charon: 05 [KNL] unable to query SAD entry with SPI cc41f65b: No such file or directory (2)
Jun 30 00:47:15 charon: 12 [KNL] unable to query SAD entry with SPI cc41f65b: No such file or directory (2)
Jun 30 00:44:36 charon: 09 [KNL] unable to query SAD entry with SPI cc41f65b: No such file or directory (2)
Jun 30 00:44:09 charon: 15 [KNL] unable to query SAD entry with SPI cc41f65b: No such file or directory (2)

I am using AES128 and SHA-1 in all phases 1 and phases 2.

Does anyone know what can it be?

I'm using:
OPNsense 16.7.14_2-amd64
FreeBSD 10.3-RELEASE-p14
OpenSSL 1.0.2j 26 Sep 2016

Thanks!
#26
17.1 Legacy Series / NAT problem or firewall rules?
June 26, 2017, 03:12:02 PM
Hello, I installed a clean version of 17.1.4 and then upgraded to version 17.1.8 and for some reason my internal network does not browse, even allowing ALL traffic to the internet.

I do not know if it's a NAT issue or if the rules are not being applied correctly.
#27
17.1 Legacy Series / Courses or Training
May 09, 2017, 12:33:47 AM
Hello guys!

Sorry about my English.

Does OPNSense.org offer courses or training?

I'm already 2 weeks ago looking for some documentation so I can base myself to make a VPN IPsec failover.

I have realized that it is complicated and that maybe OPNSense does not availability natively, so maybe a workaround is needed.

Thank you all.
#28
17.1 Legacy Series / Route metric
May 03, 2017, 11:01:34 PM
Hello,

sorry about my English.

Can I define metrics for routes? As priorities, distance ...

I need something like this to do a failover on my IPsec network.

Thank you!
#29
17.1 Legacy Series / IPsec Metrics
April 18, 2017, 10:42:44 PM
Hello, excuse my English.

In OPNSense, is it possible to have two IPsec tunnels with two different links and use metrics?

I have 2 OPNSense, one in a matrix (2 links) and one in a branch office (1 link). I want to do a failover on the connection.

Do you have any documentation explaining how it works?

Thank you all!
#30
17.1 Legacy Series / IPsec Site to Site Failover
March 22, 2017, 03:48:55 PM
Hi!

Sorry my english.

Is it possible to make an IPsec failover connection with OPNSense?

I want to use 2 links to make a redundancy connection.

In the configuration there is no option to add a second Link/IP.

Is there an alternative?

Thank you.
#31
17.1 Legacy Series / Port Redirection with 2 links
February 10, 2017, 08:07:15 PM
Hello everyone!

I'm having a problem doing port redirection.

I have 2 links, each with its gateway (WAN - GWWAN / WAN2 - GWWAN2).

For example, using WAN, when I make a target so that when a packet hits port 5555 of the WAN, it is routing to the IP 172.16.100.10 on port 22. That works fine there. I am using the Filter rule association = Add associated filter rule option.

When I create the same rule, but using WAN2, it does not work. Only works when Filter rule association = Passed

Note: The default gateway is GWWAN.

Below are the rules.

Code Select
Firewall: NAT: Port Forward

If Proto Address Ports Address Ports IP Ports Description
WAN TCP * * This Firewall 5555 172.16.100.10 22 (SSH)
WAN2 TCP * * This Firewall 5555 172.16.100.10 22 (SSH)


Firewall: Rules

Tab WAN
Proto Source Port Destination Port Gateway Schedule Description
IPv4 TCP * * 172.16.100.10 22 (SSH) * NAT


Tab WAN2
Proto Source Port Destination Port Gateway Schedule Description
IPv4 TCP * * 172.16.100.10 22 (SSH) * NAT


Am I doing it wrong or having a problem?

Thank you all!
#32
17.1 Legacy Series / [SOLVED] OpenVPN
February 08, 2017, 01:55:23 PM
Hello everyone
I am installing and configuring 17.1 here in the company, but I have not been able to upload VPN using OpenVPN yet.

I configure exactly the current one, in version 16.7 but I can not make this new one work.

The message that appears is "TLS Error: TLS handshake failed".

I have already reviewed and reconfigured the settings and have re-created the certificates, and always gives the same message.

Does anyone have the same problem?

Thank you!
#33
16.7 Legacy Series / Ldap icon Import Users
December 09, 2016, 02:29:11 PM
Hello, excuse my English.

I'm following the tutorial to configure authentication via LDAP. Until then it worked correctly, but when I import the users I do not think the icon.
By the tutorial https://docs.opnsense.org/manual/how-tos/user-ldap.html there is an icon to do the import, but it does not have in the System-> Access-> Users settings

Does anyone know if something has changed or if there is another way to authenticate?
My object is to do VPN authentication through AD.

Thank you.
Pages 1 2