Messages

after several tests i found problem - this is "User Agent"

and this is actually sucks, that it blocks on nginx by incorrect user agent.

because this is first what spammers change.... but it blocks relevant traffic from scripts and other dev stuff.

also, i see 192.168.2.225 in banned list....
then im trying to look for log:

root@OPNsense:~ # cat /var/log/nginx/* | grep 2.225
root@OPNsense:~ #


and there is nothing!

how i can prevent it from being banned?

latest opnsense with latest nginx module.

i turned  Learning Mode for every location ON, and still see errors: Unsucessful status code You got banned permanently from this server.

how to turn this blocking rule? or to setup for bypass all traffic?

ok, how to remove blocking rules?

i don't want to use it.

ok. i tried several solutions.
and noticed, that ovpns2 interface and any other - doens't work as it should.

yep (

it is hard to write this script... and i want to ban this "banning" system... just to turn it off

how to delete all banned ip's by nginx?

woaahhhh)))


no, my problem a little bit different (

@bartjsmit, yep, i have very weak rules, which allows any traffic on interfaces/tunnels.

i also have openconnect tunnel, and it works fine. And 1st OpenVPN server works as it should.

if threre some kind diagnostic report - i can send it.

yes, route sets correctly.

lan 192.168.0.0/22
peer-to-peer 192.168.201.0/24


and on client i see

Code Select Expand


      192.168.0.0    255.255.255.0    192.168.201.5    192.168.201.6     35
    192.168.201.1  255.255.255.255    192.168.201.5    192.168.201.6     35
    192.168.201.4  255.255.255.252         On-link     192.168.201.6    291
    192.168.201.6  255.255.255.255         On-link     192.168.201.6    291
    192.168.201.7  255.255.255.255         On-link     192.168.201.6    291

Hello!

I have setup - opnsense 19.1 (but i updated today, was 18 series, problem the same.)

and 2 openvpn server instances:
* Roadwarriors - Remote Aceess + LDAP auth
* site-to-site - Peer to Peer SSL/TLS

First one working as expected - every client connects and gets to internal network.
Second - client connects, but it cannot access to local network.
Only gate is accessable.

On firewall i see only one OpenVPN tab. (on pfsense every vpn instance creates its own tab).
and i thought, broblem is firewall... but i have only one rule - pass all.

next, i tried to assign ovpns2 interface. And Firewall with this interfaces created. But, it doesn't help too.

what it could be? how to access local network from "Peer to Peer" connection?

ok... now i did it with alias table and NAT rules.

in that case users don't need to install additional software... and it is not hard to add new domain to the list.


ps. foxyproxy is nice, thanks!

so, am i getting right, so there is no way to bypass TOR for services, that are blocked by government?

for G Suite i found one problem: it became working automatically within 2-3 days...

i've also created a ticket in google... and after weekend i checked it - and it worked.

i can make all screens if you want it

@mimugmail see attachment

Hello,

i'm trying to configure TOR to bypass blocks, that made our government (we are not allowed to use linkedin, slack and telegram, for example).

nowadays, i use additional VPS with openvpn + alias setting to route several services. 
but, now i learned about TOR, and i think it can help me.

i've downloaded package, turned it on, and created setup on local machine - added TOR as Socks Proxy - and i was able to access it.
With that - i found, that all traffic goes thru TOR, which slows down main connections.


Next i found setting "Fascist Mode", but i can't understand how it should work?

if i turn it on - nothing changes.


could you please point me where is my mistake?