Topics - overopn

#1
Hi, I have an RTSP server in my LAN. I can connect to it fine with TCP but not with UDP. I understand there is a source port rewrite which I must disable; however, that is not working.

When I do a packet capture on WAN, I can see the TCP part going back but the UDP packets are going to a different (and wrong?) port.


#2
Hi, I'm running an RTSP server behind NAT. I find that using the same port 554, it works, but if I set the incoming port to a different one, it does not work. Is that supposed to be so?

#3
I've set up and opened the firewalls following this OPNsense guide

https://docs.opnsense.org/manual/how-tos/ipsec-road.html

For the tunnel setup I've followed this pfSense guide. This guide works when I set it up on pfSense.

https://forum.pfsense.org/index.php?topic=127457.0

Mobile Client Phase 1
Key Exchange version V2

Phase 1 proposal
EAP-MSCHAPV2
My Identifier (Tried various settings, My IP Address, IPAddress,

I'm using Windows 7 to connect and imported the CA cert fine, but I cannot connect. The log shows:

Apr 29 14:38:16   charon: 14[NET] sending packet: from 192.168.1.239[500] to 192.168.1.99[500] (36 bytes)
Apr 29 14:38:16   charon: 14[ENC] generating IKE_SA_INIT response 0 [ N(NO_PROP) ]
Apr 29 14:38:16   charon: 14[IKE] received proposals inacceptable
Apr 29 14:38:16   charon: 14[CFG] configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048_256
Apr 29 14:38:16   charon: 14[CFG] received proposals: IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:3DES_CBC/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:3DES_CBC/HMAC_SHA2_384_192/PRF_HMAC_SHA2_384/MODP_1024, IKE:AES_CBC_256/HMAC_SHA2_384_192/PRF_HMAC_SHA2_384/MODP_1024
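
Added example, not part of the original post: a small Python parser for the two `[CFG]` lines above that reports, for each received IKE proposal, which transform types share no algorithm with the configured proposal. The prefix-based `classify` heuristic and all function names are assumptions made for this example.

```python
import re

# The two [CFG] lines copied from the charon log in the post above.
LOG = """\
Apr 29 14:38:16   charon: 14[CFG] configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048_256
Apr 29 14:38:16   charon: 14[CFG] received proposals: IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:3DES_CBC/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:3DES_CBC/HMAC_SHA2_384_192/PRF_HMAC_SHA2_384/MODP_1024, IKE:AES_CBC_256/HMAC_SHA2_384_192/PRF_HMAC_SHA2_384/MODP_1024
"""

def classify(name):
    """Map a transform name to its IKEv2 transform type (prefix heuristic, assumed)."""
    if name.startswith("PRF_"):
        return "prf"
    if name.startswith(("HMAC_", "AES_XCBC", "AES_CMAC")):
        return "integ"
    if name.startswith(("MODP_", "ECP_", "CURVE_")):
        return "dh"
    return "encr"

def parse_proposals(log, kind):
    """Return one {type: set(names)} dict per proposal on the 'configured' or 'received' line."""
    m = re.search(rf"\[CFG\] {kind} proposals: (.+)", log)
    if not m:
        return []
    proposals = []
    for prop in m.group(1).split(", "):
        _proto, _, transforms = prop.strip().partition(":")
        by_type = {}
        for t in transforms.split("/"):
            by_type.setdefault(classify(t), set()).add(t)
        proposals.append(by_type)
    return proposals

def mismatches(configured, received):
    """Transform types for which the two proposals have no algorithm in common."""
    types = set(configured) | set(received)
    return sorted(t for t in types if not configured.get(t, set()) & received.get(t, set()))

def diagnose(log):
    """Per received proposal: its smallest mismatch list; plus types that block every proposal."""
    cfg, rcv = parse_proposals(log, "configured"), parse_proposals(log, "received")
    if not cfg or not rcv:
        return [], []
    report = [min((mismatches(c, r) for c in cfg), key=len) for r in rcv]
    return report, sorted(set.intersection(*(set(x) for x in report)))

if __name__ == "__main__":
    print(diagnose(LOG))
```

Run on the log above, the fourth received proposal differs from the configured one only in its DH group (MODP_1024 against MODP_2048_256), and the DH group is the one transform type that mismatches in every received proposal. Making it match by adding MODP_1024 on the responder would accept a 1024-bit group, which is considered weak; raising the group the client offers is the stronger fix.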

#4
18.1 Legacy Series / Cannot access internet from LAN
April 23, 2018, 01:42:54 PM
Hi, this is a new setup running on a VM (XenServer) with 2 NICs.

I have set up one for WAN, one for LAN. From my LAN, I'm unable to access the internet (ping 8.8.8.8 fails).

I have the same setup running a fresh install of pfSense and have a similar problem. I needed to add a firewall LAN rule to LAN net to access to get it working on pfSense.

I see OPNsense has set up that rule automatically (nice), but the firewall log shows it passes (e.g. 10.0.0X)

#5
Hi,

I'm new to OPNsense. I want to have one public IP, listening on port 554, which is served to multiple internal NAT VMs. With port 80, we can use HAProxy, that is easy, but my VMs are serving RTSP video on port 554, so there is a TCP handshake followed by outbound UDP to port 554.

Something like this; is that doable with OPNsense?

https://raymii.org/s/tutorials/Proxmox_VE_One_Public_IP.html