46
18.1 Legacy Series / Re: Multiple WAN to multiple LAN and load balance
« on: April 03, 2018, 07:10:59 am »
pfsense or OPNsense?
You might be on the wrong forum.
You might be on the wrong forum.
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
47
18.1 Legacy Series / Re: DHCP from wrong subnet
« on: April 03, 2018, 07:05:27 am »
Do you have a static ip set on the tablet or any other lan client?
Does an arp scan show a matching ip setup (according to dhcp range)?
Does an arp scan show a matching ip setup (according to dhcp range)?
48
18.1 Legacy Series / Re: Excessive initial Load times for GUI
« on: April 03, 2018, 07:01:04 am »
This behavior in my box appeard only after multiwan, at least that's when I noticed it. Might be normal, I think the GUI is waiting for modules to load, for data collection to be performed.
49
18.1 Legacy Series / Re: Excessive initial Load times for GUI
« on: April 03, 2018, 06:30:38 am »
I did noticed a slowdown, but not this big, after i set up multi wan. Do you happen to have multiwan?
In my setup, at first, right after a reboot for example, the GUI fully loads, before all modules/services load. While these still load, refreshing the GUI takes about 10-15 secs to load. Then, when all services fully loaded, the GUI refreshes instantly every time.
In my setup, at first, right after a reboot for example, the GUI fully loads, before all modules/services load. While these still load, refreshing the GUI takes about 10-15 secs to load. Then, when all services fully loaded, the GUI refreshes instantly every time.
50
18.1 Legacy Series / Re: Image backup using Clonezilla
« on: April 02, 2018, 11:14:20 pm »
Maybe you could give it a chance...
At first i didn't like it either, i couldn't even find a distro without some sorts of problems. But then i settled with Ubuntu Server without a GUI (not the Desktop version with a GUI, which i think sucks). I don't need an interface, most of the servers i run on it don't need one. It's much more stable like this. Sure.. they crash sometimes from even sneezing near them (or feels like it), but i backup everything. For low power boxes, it's a great choice in the end. Just saying that it deserves a second chance
At first i didn't like it either, i couldn't even find a distro without some sorts of problems. But then i settled with Ubuntu Server without a GUI (not the Desktop version with a GUI, which i think sucks). I don't need an interface, most of the servers i run on it don't need one. It's much more stable like this. Sure.. they crash sometimes from even sneezing near them (or feels like it), but i backup everything. For low power boxes, it's a great choice in the end. Just saying that it deserves a second chance
51
18.1 Legacy Series / Re: OpenVPN with unbound dns leak
« on: April 02, 2018, 11:56:05 am »The only way the ISP could be hijacking the requests is if the requests are actually going out over the WAN gateway rather than the VPN gateway, which is pretty much the whole problem. I can't seem to get unbound configured to forward the DNS requests it can't answer over the VPN gateway, it only seems to work when it's sending them over the WAN gateway.
I've switched the DNS from Google to the new 1.1.1.1, which actually seems slightly faster from here. However, I'm still not happy that they are going out over the WAN interface as my ISP could easily see and hijack them like you say elektroinside.
Exactly, which means that the originating query might not be going through the tunnel, eg. the client is ignoring the config set by the server and not directing all the traffic over the tunnel. In this particular case, neither the OpenVPN server or Unbound is the cause of the leak.
52
18.1 Legacy Series / Re: How difficult is it to get an OpenVPN server working, really?
« on: April 02, 2018, 06:50:21 am »
Yeah, that might take a while. Thanks!
53
18.1 Legacy Series / Re: Image backup using Clonezilla
« on: April 01, 2018, 11:43:24 pm »
Yeah, and in my case it's the only way to avoid reinstalling 17.5 first, then upgrade, if i want a "clean & fresh" install.
54
18.1 Legacy Series / Re: How difficult is it to get an OpenVPN server working, really?
« on: April 01, 2018, 11:33:08 pm »
1-2 months? Wow.. what did you tweak?
55
18.1 Legacy Series / Re: OpenVPN with unbound dns leak
« on: April 01, 2018, 10:00:21 pm »
No leaks here, not one. This is true when performing the test from the LAN or from the OpenVPN client.
I do have forwarding enabled, but i forward to either OpenDNS or Quad9. Right now I'm using Quad9 with dnnsec.
But I use an internal DNS as main DNS server. That uses as upstream dns the OPNsense's Unbound, and that forwards to Quad9.
Maybe your ISP is hijacking your requests, it's not unheard of, actually it's quite common.
I do have forwarding enabled, but i forward to either OpenDNS or Quad9. Right now I'm using Quad9 with dnnsec.
But I use an internal DNS as main DNS server. That uses as upstream dns the OPNsense's Unbound, and that forwards to Quad9.
Maybe your ISP is hijacking your requests, it's not unheard of, actually it's quite common.
56
18.1 Legacy Series / Re: How difficult is it to get an OpenVPN server working, really?
« on: April 01, 2018, 12:54:27 pm »
I've been running 2 different OpenVPN servers on 2 different OPNsense deployments in 2 different cities without any issues (road warrior setup). Stable, not a single disconnect, hardened firewall rules.
That's all i can say about my OpenVPN servers.
That's all i can say about my OpenVPN servers.
57
18.1 Legacy Series / Re: OPNsense panics in my multiwan setup
« on: April 01, 2018, 12:03:00 pm »
To keep the thread updated, mimugmail & Franco, I have uploaded a fresh new set of logs & dump file on the google drive. I personally don't see anything helpful in them. Console doesn't helps either (please check the video).
Also, as pointed out before, the single option which crashes the system if wan1 goes down in way or another is "Use shared forwarding between packet filter, traffic shaper and captive portal".
Also, as pointed out before, the single option which crashes the system if wan1 goes down in way or another is "Use shared forwarding between packet filter, traffic shaper and captive portal".
58
18.1 Legacy Series / Re: Image backup using Clonezilla
« on: April 01, 2018, 10:43:40 am »@elektroinside there will probably be a Nextcloud backup feature in the near future so you can just upload the config files automatically.
That's very nice.
What is disappointing is that Macrium fails (at the moment)... didn't expect that, it never failed on me, with anything.
Thanks dcol for the report!
59
Development and Code Review / Re: Cicada Theme -> Franco didnt want the cicada theme - so deleted!
« on: March 31, 2018, 10:17:46 pm »@noname12123, first you need to chill, if you want to work together with other people, this world is too fast already.
I would suggest you, since It happen to like your theme, to apologize for your actions, then work it out with franco. If theme is according to coding guidelines, there most probably should not be an issue for merge.
Pointing fingers to forum members will not be good. You also need to understand developers priorities..themes are nice to have, but stability comes first.
I wish you, to find the way for your theme to make it to opnsense...but remember nice attitude is the way to go in life.
Well said.
60
18.1 Legacy Series / Re: Multicast traffic
« on: March 31, 2018, 10:15:52 pm »
You're welcome. Go ahead, although, just as a side note, in very secured setups, all (except the very minimum) TCP/IP processed stuff are disabled, including IGMP. And also worth mentioning that older OSs are vulnerable (regarding IGMP) but patches are available