Messages

The root to the problem was that the 3 x hardware offload was already disabled by default. That gave the impression of a false dubble negative that confused me.

Both the DDNS service updating and OpenVPN are now working.


Miroco

Suricata and port 443

As soon as I enable IPS mode under Intrusion Detection, the No-IP DynamicDNS update fails. This also makes my OpenVPN Server to fail. It's a road warrior style configuration using port 443.

I sat out to try the abuse.ch ruleset and IPS. The ruleset does not seem to play a part in this, but IPS definitely does. The mandatory 3x hardware offloading is disabled.

Sep 14 20:38:348         opnsense:/usr/local/etc/rc.dyndns: curl error occurred: Failed to connect to dynupdate.no-ip.com port 443: Operation timed out

If I uncheck IPS mode, the problem goes away and I can connect to my OpenVPN server.

Sep 14 20:47:36         opnsense:/usr/local/etc/rc.bootup: DynamicDNS (xxxxxxxxxxxx.ddns.net): (Success) DNS hostname update successful.

I'm on OPNsense ver. 17.7.2


Perhaps a related issue.

https://forum.opnsense.org/index.php?topic=4727.0

Miroco

Hi Bart and Franco,


Thank you both for straightening this out. I'm using this setup in a home environment (5 devices). I'm planning to activate at least Suricata intrusion detection (when I learn how to), does that mean I'm low on storage?


Miroco

Hi,

I'm also on an APU2C4 with a Transcend 32 GB mSATA SSD (amd64 (64bit) serial image) OPNSense 17.7. Disk usage is about 4%. Apart from an OpenVPN-server, my installation is pure vanilla. How come that the recommended disk size differ that much, (x4) from mine and I still seem to have a vast space for manoeuvring?

P.S. Don't forget to activate the thermal sensors.


I'd like to take the opportunity to thank the OPNSense team for a great product :)


Regards,


Miroco