"
It's not firewall rule on vlan that's the issue it's the option not being passed when a dhcp request is made to the isp servers
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
#62
22.1 Legacy Series / Re: DHCP send option not sent
January 28, 2022, 12:23:52 AM
I think I'm seeing the same issue with a remote connection in France which I upgraded over VPN
No IP is allocated which suggest the send options are not being passed as Orange France have special options in order to grant an IP
As I'm remote I can't wire shark the output
Thankfully I have a failover connection so can apply any patch/upgrade to fix it
No IP is allocated which suggest the send options are not being passed as Orange France have special options in order to grant an IP
As I'm remote I can't wire shark the output
Thankfully I have a failover connection so can apply any patch/upgrade to fix it
#63
21.1 Legacy Series / Re: WOL Dashboard widget
March 23, 2021, 12:12:15 PM
Seeing the same behavior on my 21.1.3_3
Applied patch
opnsense-patch -c plugins 61a9282b
all good
Applied patch
opnsense-patch -c plugins 61a9282b
all good
#64
20.7 Legacy Series / [SOLVED] GEOIP blocking no longer working 20.7
July 31, 2020, 11:15:42 PM
Upgrade appeared to go to plan except for the following rules which used to allow traffic from just a few specific countries now block everything so no external access to my firewall.
I have disabled them and all traffic flows again
EDIT : After re-saving the GOIP alias it started working again
I have disabled them and all traffic flows again
EDIT : After re-saving the GOIP alias it started working again
#65
20.1 Legacy Series / Re: Sonos speakers on a VLAN
April 16, 2020, 06:06:19 PM
Ah yes the old Sonos ports and firewalls issue
A struggled as well and after googling, it came to the conclusion that Sonos doesn't play properly with ports. So even if you create rules for the ports Sonos claim that need it won't work across VLANs
So I went for a slightly less robust route but one that I'm pretty comfortable with
I have a few LANS but for this explanation, IOT is where Sonos sits and my Trusted devices (Mac, iPhones etc) are on LAN
I allow any LAN device to any other VLAN. But I only allow the Sonos players on IOT to access the Sonos Controllers (iPhones for me) by having a rule like this below
I block everything else from IOT out to any other VLAN
EDIT - Don't use Safari though hate it. Chrome for me. But I'll play later and let you know
EDIT 2 - used Safari see below looks okay to me
A struggled as well and after googling, it came to the conclusion that Sonos doesn't play properly with ports. So even if you create rules for the ports Sonos claim that need it won't work across VLANs
So I went for a slightly less robust route but one that I'm pretty comfortable with
I have a few LANS but for this explanation, IOT is where Sonos sits and my Trusted devices (Mac, iPhones etc) are on LAN
I allow any LAN device to any other VLAN. But I only allow the Sonos players on IOT to access the Sonos Controllers (iPhones for me) by having a rule like this below
I block everything else from IOT out to any other VLAN
EDIT - Don't use Safari though hate it. Chrome for me. But I'll play later and let you know
EDIT 2 - used Safari see below looks okay to me
#66
20.1 Legacy Series / Lost WAN Access - 20.1.1
February 21, 2020, 01:22:43 PM
In the early hours of this morning, I noticed that I had lost WAN access.
When checking my monitoring systems I could see that I was still able to ping my firewall from external locations and all LAN access was as expected. Just no access to the internet.
I signed into the firewall GUI from the LAN and all the gateways and connections were showing as active, but still no WAN access.
I used a serial cable connection to sign in to the console then issued a reboot of from the GUI to see what messages appeared.
Nothing happened. The console gave no indication the system was rebooting. So I issued console option 6 and the reboot started. However this also hung whilst closing down the processes - Sorry don't remember which point as I then did a power cycle.
During the power cycle, I got a message of "damage tar "repeatedly
So hit control C from the console and the startup completed. Subsequent powerups and restarts have been fine
If from the console I issue
# find . -name *.core
I get
./python3.7.core
Do you want a copy of this core file it's circa 23MB
When checking my monitoring systems I could see that I was still able to ping my firewall from external locations and all LAN access was as expected. Just no access to the internet.
I signed into the firewall GUI from the LAN and all the gateways and connections were showing as active, but still no WAN access.
I used a serial cable connection to sign in to the console then issued a reboot of from the GUI to see what messages appeared.
Nothing happened. The console gave no indication the system was rebooting. So I issued console option 6 and the reboot started. However this also hung whilst closing down the processes - Sorry don't remember which point as I then did a power cycle.
During the power cycle, I got a message of "damage tar "repeatedly
So hit control C from the console and the startup completed. Subsequent powerups and restarts have been fine
If from the console I issue
# find . -name *.core
I get
./python3.7.core
Do you want a copy of this core file it's circa 23MB
#67
General Discussion / Re: UDP Broadcast Relay
February 05, 2020, 08:21:47 AM
Great thread
Marjohn has done some great work getting the plugin sorted. One day he will forgive me for all the work I caused him by saying "eh take a look at this pimd thing I've found" as always he did his normal "that's really good but here's something better"
Back to the questions
I've not needed to specify more than one mcast address but I agree allowing it will future proof the plugin
I like the idea of using the DSCP as the id and allowing the user to manually set the TTL value maybe via advanced options. Again future proofing
Marjohn has done some great work getting the plugin sorted. One day he will forgive me for all the work I caused him by saying "eh take a look at this pimd thing I've found" as always he did his normal "that's really good but here's something better"
Back to the questions
I've not needed to specify more than one mcast address but I agree allowing it will future proof the plugin
I like the idea of using the DSCP as the id and allowing the user to manually set the TTL value maybe via advanced options. Again future proofing
#68
20.1 Legacy Series / Re: Remote Syslog Settings - 20.1.RC
January 27, 2020, 03:14:02 PM
thank you all clear now
20.1.RC1 is surviving all the load testing and reboots etc that I'm throwing at it so seems very good so far
20.1.RC1 is surviving all the load testing and reboots etc that I'm throwing at it so seems very good so far
#69
20.1 Legacy Series / Re: Remote Syslog Settings - 20.1.RC
January 27, 2020, 03:05:11 PM
Yes I missed that :-(
Mine wasn't set up anyway, so nothing to delete but what I had missed in the docs was this
"The remote logging feature will likely be removed in OPNsense 20.1, since the new Logging / targets offers more flexibility and has overlapping functionality. We advise to switch as soon as possible."
One final question now I've seen this I would have assumed the "syslog-ng" service would also be deleted (mine is still active) or is that a 20.1.1 activity/cleanup
Mine wasn't set up anyway, so nothing to delete but what I had missed in the docs was this
"The remote logging feature will likely be removed in OPNsense 20.1, since the new Logging / targets offers more flexibility and has overlapping functionality. We advise to switch as soon as possible."
One final question now I've seen this I would have assumed the "syslog-ng" service would also be deleted (mine is still active) or is that a 20.1.1 activity/cleanup
#70
20.1 Legacy Series / Remote Syslog Settings - 20.1.RC
January 27, 2020, 02:27:02 PM
Can't find anything in the 20.1 release notes but GUI in 19.7 at
System: Settings: Logging had a section for remote syslog
at 20.1.RC its missing and only Local Logging options exist
Did I miss something ?
System: Settings: Logging had a section for remote syslog
at 20.1.RC its missing and only Local Logging options exist
Did I miss something ?
#72
20.1 Legacy Series / Re: 20.1.r_6
January 27, 2020, 12:50:53 PM
ok tried that
Then set GUI to Production
Requested an upgrade
Got this
***GOT REQUEST TO UPGRADE: maj***
Fetching packages-20.1.r1-OpenSSL-amd64.tar: ...................................................................... done
Fetching base-20.1.r1-amd64.txz: .. failed, no signature found
***DONE***
Then set GUI to Production
Requested an upgrade
Got this
***GOT REQUEST TO UPGRADE: maj***
Fetching packages-20.1.r1-OpenSSL-amd64.tar: ...................................................................... done
Fetching base-20.1.r1-amd64.txz: .. failed, no signature found
***DONE***
#73
20.1 Legacy Series / 20.1.r_6
January 27, 2020, 11:16:28 AM
As per subject line. I was running dev versions of 20.1
Switch back to Production in GUI and did the upgrade
My console is showing
OPNsense 20.1.r_6-amd64
FreeBSD 11.2-RELEASE-p16-HBSD
OpenSSL 1.1.1d 10 Sep 2019
Is that right ? was expecting rc1
Switch back to Production in GUI and did the upgrade
My console is showing
OPNsense 20.1.r_6-amd64
FreeBSD 11.2-RELEASE-p16-HBSD
OpenSSL 1.1.1d 10 Sep 2019
Is that right ? was expecting rc1
#74
19.7 Legacy Series / Re: [Solved] Sonos on VLANS
January 15, 2020, 04:22:28 PM
tested the plugin in test and now production and works perfect nice smooth install process
#75
19.7 Legacy Series / Re: [Solved] Sonos on VLANS
January 10, 2020, 11:11:33 PM
@marjohn I'm waiting for you to read my last email re /etc/rc.conf.d/ :) :) :)
