"
I posted the ENTIRE config, and NOTHING passes OUT. says blocked by default deny rule.
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
#46
22.1 Legacy Series / Re: I've beat my head against the wall: How do I do NO-NAT but HAVE FW rules?
March 28, 2022, 03:27:25 PM #47
22.1 Legacy Series / Re: I've beat my head against the wall: How do I do NO-NAT but HAVE FW rules?
March 28, 2022, 03:12:32 PM
um this is a standard routing thing, with globally routable IP's.
NOTE: If I just turn PF off, it routes JUST FINE.
I've been doing IPv4 networking for >30 years, and I've tried a thousand(estimate) things.
with PF enabled it doesn't work, with PF disabled it routes like it's supposed to.
NOTE: If I just turn PF off, it routes JUST FINE.
I've been doing IPv4 networking for >30 years, and I've tried a thousand(estimate) things.
with PF enabled it doesn't work, with PF disabled it routes like it's supposed to.
#48
22.1 Legacy Series / Re: I've beat my head against the wall: How do I do NO-NAT but HAVE FW rules?
March 28, 2022, 02:58:24 PM
I have that set, and it does NOT pass traffic.
#49
22.1 Legacy Series / [SOLVED]I've beat my head against the wall: How do I do NO-NAT but HAVE FW rules
March 28, 2022, 03:48:14 AM
I need NO-NAT, but the ability to have firewall rules. I've looked at past posts, and BELIEVE I've done everything right, but if pf is enabled, it does NOT pass traffic. If I disable pf it works fine.
HELP.
attached is the current state
HELP.
attached is the current state
#50
Zenarmor (Sensei) / Re: Zenarmor & IPv6: Bad Combo (At least on ATT Fiber/US)
January 15, 2022, 02:39:01 AM
another user suggested setting the IPv4 preferred over IPv6 and running the updates, which DID upgrade more code.
Now that it's on:
OPNsense 22.1.r1-amd64
and removing the 4 over 6 preference it's still working, and my IPv6 issue is GONE.
Now that it's on:
OPNsense 22.1.r1-amd64
and removing the 4 over 6 preference it's still working, and my IPv6 issue is GONE.
#51
22.1 Legacy Series / Re: 22.1.r.3: Doesn't like pkg on IPv6 from my box.
January 15, 2022, 02:37:40 AM
setting the prefer IPv4 over IPv6 checkbox allowed it to update to:
OPNsense 22.1.r1-amd64
so, I guess my pkg -4 updates didn't do the whole thing.
And now that it's on that code, removing the preference still allows updates etc to work without hanging.
y'all can ignore this thread.
OPNsense 22.1.r1-amd64
so, I guess my pkg -4 updates didn't do the whole thing.
And now that it's on that code, removing the preference still allows updates etc to work without hanging.
y'all can ignore this thread.
#52
22.1 Legacy Series / Re: pkg, fetch & update check issues after updating to 22.1
January 15, 2022, 02:36:10 AM
Thanks for that hint, I did the prefer 4 over 6 and it updated to:
OPNsense 22.1.r1-amd64
from r_3. So, yes, there were changes.
Now I've turned off the preference, and update checks, etc all work.
Interesting.
Thanks for the hint.
OPNsense 22.1.r1-amd64
from r_3. So, yes, there were changes.
Now I've turned off the preference, and update checks, etc all work.
Interesting.
Thanks for the hint.
#53
22.1 Legacy Series / Re: pkg, fetch & update check issues after updating to 22.1
January 14, 2022, 11:10:38 PM
I was able to get around this problem by doing:
pkg -4 update
pkg -4 upgrade
and rebooting.
I wonder if there is a way to force pkg -4 ?
pkg -4 update
pkg -4 upgrade
and rebooting.
I wonder if there is a way to force pkg -4 ?
#54
Zenarmor (Sensei) / Re: Zenarmor & IPv6: Bad Combo (At least on ATT Fiber/US)
January 14, 2022, 10:12:12 PM
per private email, it was worth a try, and:
SUCCESS
it's working, modulo the fact that pkg update doesn't like to talk to the IPv6 repos.
(Other IPv6 works fine).
I wonder if there's a way to force pkg -4 for the OPNSense / SunnyValley stuff?
SUCCESS
it's working, modulo the fact that pkg update doesn't like to talk to the IPv6 repos.
(Other IPv6 works fine).
I wonder if there's a way to force pkg -4 for the OPNSense / SunnyValley stuff?
#55
22.1 Legacy Series / 22.1.r.3: Doesn't like pkg on IPv6 from my box.
January 14, 2022, 10:03:53 PM
How can I force pkg -4 for the updates?
#56
Zenarmor (Sensei) / Re: Zenarmor & IPv6: Bad Combo (At least on ATT Fiber/US)
January 14, 2022, 06:10:09 PM
Are there changes in 22.1 (Either OPNSense or Zenarmor) that would possibly affect this issue?
#57
Zenarmor (Sensei) / Re: Zenarmor & IPv6: Bad Combo (At least on ATT Fiber/US)
January 14, 2022, 04:14:11 PM
IIRC 22.1 is NOT ready for SunnyValley, so no.
#58
Zenarmor (Sensei) / Re: Zenarmor & IPv6: Bad Combo (At least on ATT Fiber/US)
January 14, 2022, 12:15:54 AM
@SunnyValley: Is this now a dead ticket, and I need to cancel my subscription and remove the software?
#59
Zenarmor (Sensei) / Re: Zenarmor & IPv6: Bad Combo (At least on ATT Fiber/US)
January 13, 2022, 03:16:34 PM
As I said, even with the offload stuff OFF, it still blocks IPv6 traversing the Firewall.
#60
Zenarmor (Sensei) / Re: Zenarmor & IPv6: Bad Combo (At least on ATT Fiber/US)
January 13, 2022, 02:05:03 PM
even with all the offload stuff turned off, I still can't get IPv6 packets to traverse the firewall
