Messages

16

19.1 Legacy Series / Re: ERR_CONNECTION_RESET After upgrading to 19.1

« on: February 01, 2019, 08:16:40 am »

Same issue here

Also I see blocked localhost traffic in the firewall log, that i never saw before the upgrade. And some blocked VLAN traffic

I can share logs if needed

17

General Discussion / opnsense box with unifi AP setup

« on: February 09, 2018, 10:32:29 pm »

Hi all,

I have a question. I would like to know if my setup is correct.

Reason for asking is because I recently changed a few things, but now I have intermittent connectivity issues when connected via wifi. And I didn't have these issues before the changes. And now I can't find the cause.

I bought a appliance with opnsense pre-installed. It has 6 Gb ports.

What I want is a LAN (containing both wired as well as wireless connected devices), a VLAN for IoT devices and a VLAN for Wifi guests.

My setup is as follows:

Cablemodem (bridge modus)
            |
OPNSENSE appliance
            |
Several devices

Port2 on my opnsense box acts as the WAN port and receives a public IP (DHCP) from my provider.

On ports 3-6 I have several devices connected, like a NAS, DTV device etc. On port 1 I have a Unifi wifi AP connected.

Now I have created a bridge interface, containing interfaces 1,3,4,5 and 6 for the LAN. That bridge has a fixed private IP and I have DCHP server setup on this interface.

Because I want to have 3 separate wifi networks, I have created 2 VLAN's with parent interface port 1 (to which the unifi is connected). Both VLAN's have a fixed private IP and DHCP servers are setup.

On the unifi I have 3 wifi networks; wifi, wifi-iot tagged with VLAN1 and wifi-guest is tagged with VLAN2.

I think this should work, but as said I'm experiencing intermittent connectivity issues on wifi.

If there is someone that could just think with me here and maybe has some remarks then that would be highly appreciated !

Thanks in advance

Sven

18

18.1 Legacy Series / Re: FW log - Live View - incorrect logging compared to rule config

« on: February 07, 2018, 09:28:49 am »

I'm currently logging a lot which makes it a bit hard to find those lines back. I rebooted my opnsense box last night since it was unstable (all since upgrade to 18.1), and it seems OK now.

I will keep an eye on it and report back if I see this happening again

19

18.1 Legacy Series / Re: FW log - Live View - incorrect logging compared to rule config

« on: February 06, 2018, 08:28:46 am »

It seems similar indeed.

I see it all the time now. For all sorts of rules the Live View messes it up and showing strange results.

20

18.1 Legacy Series / FW log - Live View - incorrect logging compared to rule config

« on: February 05, 2018, 12:16:33 pm »

Hi all,

Just upgraded (Currently running OPNsense 18.1.1-amd64) and I see something weird in the new log Live View.

Attached 3 files, fw_rules.png, fw_log.png and fw_log2.png

In fw_log.png you will see:
Blocked on interface VLAN99, source 192.168.x.20 to destination 192.168.1y.y port 8880 rule description 'Allow guestnet to guestportal'

In fw_rules you see the second rule says:
Allow from source VLAN99 net to destination 192.168.1y.y port 8880 rule description 'Allow guestnet to guestportal'

So in logging it seems traffic is blocked by a rule that actually allows the traffic.

Am I missing something here ?

And to make it more strange, when I change the logging page to show 5000 lines and look for the lines in fw_log.png, I see again something strange, see fw_log2.png

Any idea?

21

17.7 Legacy Series / Re: [Suricata] Suricata dropping traffic with IPS.

« on: October 18, 2017, 08:07:59 am »

Hi,

I have the exact same 'issue'.

And do you also see a drop in speed? I have a 400 Mb/s subscription, but with Suricata enabled (in IPS mode with 9 rulesets) I get around 120 Mb/s. And when I disable the Intrusion Detection service it immediately goes back to around 400 Mb/s