Messages - FraLem

#91
19.1 Legacy Series / Re: MULTIWAN ON Opn 19.1
April 11, 2019, 08:56:35 PM
Finally I got it working. Launching a new ping as the first one failed brought light to the subject.

Any ideas on how to get into the details of load balancing?

By the way, a big applause for the suggestion.

Thks & Rgds
#92
19.1 Legacy Series / Re: MULTIWAN ON Opn 19.1
April 11, 2019, 06:39:55 PM
I have tried to start a new ping from the Opnsense machine, but unfortunately it does not forward traffic to WAN_2.

Could it be related to the Outbound NAT rule?

Rgds
#93
19.1 Legacy Series / Default Configuration
April 11, 2019, 04:16:35 PM
Hi,
When I mess up a configuration too much I tend to do a restore to default config. My PC sets LAN on em0 and WAN on em1 (I find this setting more convenient the other way around: em0=WAN, em1=LAN).

Does anyone know if the Default configuration can be modified?

Thanks & Regards
#94
19.1 Legacy Series / Re: MULTIWAN ON Opn 19.1
April 11, 2019, 04:11:33 PM
Thanks for the reply,
I just expect to keep traffic flowing in case a WAN interface goes down.
I just set a ping going to www.google.com and shut down the WAN1 on the remote test router. Ping stops, no trace of flowing through WAN2.

Am I missing anything here?

Rgds
#95
19.1 Legacy Series / MULTIWAN ON Opn 19.1
April 11, 2019, 07:57:49 AM
Hi there,

after doing it at least 10 times trying anything I could think of, I have not managed to set up MULTIWAN as failover.

The configuration simply does not take the gateway group into account.

Attached my very basic configuration following https://wiki.opnsense.org/manual/how-tos/multiwan.html

Any suggestion would be appreciated.
#96
General Discussion / Re: SNMP Support
April 10, 2019, 08:54:31 PM
I would suggest to check with tcpdump -i xxx port 161 if the snmp query is reaching the firewall.
In my case I didn't quite get the meaning of listening IP, therefore blank and rule in the WAN interface.
#97
General Discussion / Re: OpnSense Firewall OpenVPN
April 07, 2019, 04:25:58 PM
Hi there,
I'm facing some difficulties setting up a very basic configuration of a VPN connection to a remote VPN server on Opnsense 19.1.4.
Access credentials seem to be ok as I get connection up as well as a tunnel IP Address / Gateway & routes.
Unfortunately I cannot ping the remote interface (I've tried same credentials on a Windows client and ping and routing work ok).
Any suggestions?
Regards
#98
General Discussion / OPnSense Bridge w/VLAN's
February 27, 2019, 08:50:15 AM
Hi there,
I've been struggling to make a "basic" setup with two bridges on the LAN side of the router:

Bridge1: em1 + em2
Bridge0: VLAN500 on em1 + em3

As I create Bridge1, bridge0 stops forwarding traffic.

Any suggestion will be appreciated.

***************************************
Configuration:

bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 02:0f:9d:95:72:00
        inet 192.168.32.1 netmask 0xffffff00 broadcast 192.168.32.255
        nd6 options=1<PERFORMNUD>
        groups: bridge
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: em3 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 4 priority 128 path cost 55
        member: em1_vlan500 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 9 priority 128 path cost 20000

bridge1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 02:0f:9d:95:72:01
        inet 172.16.0.1 netmask 0xffffff00 broadcast 172.16.0.255
        nd6 options=1<PERFORMNUD>
        groups: bridge
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: em1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 2 priority 128 path cost 55
        member: em2 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 3 priority 128 path cost 55

Bridge Options:

net.link.bridge.ipfw: 0
net.link.bridge.allow_llz_overlap: 0
net.link.bridge.inherit_mac: 0
net.link.bridge.log_stp: 0
net.link.bridge.pfil_local_phys: 0
net.link.bridge.pfil_member: 0
net.link.bridge.ipfw_arp: 0
net.link.bridge.pfil_bridge: 1
net.link.bridge.pfil_onlyip: 0



#99
My PPPoE Server is replying such an error and not allowing clients connection.
Pretty basic set-up:

startup:

poes:
  set ippool add pool1 10.10.100.190 10.10.101.187
  create bundle template B
  set iface up-script /var/etc/pppoe1-vpn/linkup
  set iface down-script /var/etc/pppoe1-vpn/linkdown
  set iface idle 0
  set iface disable on-demand
  set iface disable proxy-arp
  set iface enable tcpmssfix
  set iface mtu 1500
  set ipcp no vjcomp
  set ipcp ranges 10.9.9.1/32 ippool pool1
  set ipcp dns 10.9.9.1 8.8.4.4

  set bundle enable compression
  set ccp yes mppc
  set mppc yes e40
  set mppc yes e128
  set mppc yes stateless

  create link template L pppoe
  set link action bundle B
  set link no multilink
  set link disable pap
  set link disable eap
  set link enable chap
  set link keep-alive 10 60
  set link max-redial -1
  set link mtu 1492
  set link mru 1492
  set link latency 1
  set pppoe service pppoe1
  set pppoe iface em1
  set link enable incoming
  set auth max-logins 1

********************************************************
Error Log

***********************************************************+

Nov 13 06:12:50 OPNsense poes: PPPoE: message 7 from unexisting link "1"
Nov 13 06:12:55 OPNsense poes: Incoming PPPoE connection request via em1: for service "pppoe1" from b4:99:ba:e2:2e:a8
Nov 13 06:12:55 OPNsense poes: [L-1] Accepting PPPoE connection
Nov 13 06:12:55 OPNsense poes: [L-1] PPPoE: Cannot send original request: No buffer space available
Nov 13 06:12:55 OPNsense poes: [L-1] PPPoE connection not accepted due to error
Nov 13 06:12:55 OPNsense poes: [L-1] Link: Shutdown
Nov 13 06:12:55 OPNsense poes: PPPoE: message 7 from unexisting link "1"
Nov 13 06:13:00 OPNsense poes: Incoming PPPoE connection request via em1: for service "pppoe1" from b4:99:ba:e2:2e:a8
Nov 13 06:13:00 OPNsense poes: [L-1] Accepting PPPoE connection
Nov 13 06:13:00 OPNsense poes: [L-1] PPPoE: Cannot send original request: No buffer space available
Nov 13 06:13:00 OPNsense poes: [L-1] PPPoE connection not accepted due to error
Nov 13 06:13:00 OPNsense poes: [L-1] Link: Shutdown
Nov 13 06:13:00 OPNsense poes: PPPoE: message 7 from unexisting link "1"
Nov 13 06:14:20 OPNsense poes: Multi-link PPP daemon for FreeBSD


Any Ideas?
#100
General Discussion / Re: Static Routing
July 19, 2018, 10:11:54 AM
Great! Much better now. Thanks for the support.

I've gone back to the original set-up with two static routes:

192.168.21.0/24    10.10.100.53   
192.168.30.0/24    10.10.100.100

Internet:
Destination        Gateway            Flags     Netif Expire
default            10.10.100.1        UGS         em0
10.0.10.0/24       10.0.10.2          UGS      ovpns1
10.0.10.1          link#11            UHS         lo0
10.0.10.2          link#11            UH       ovpns1
10.10.100.0/24     link#1             U           em0
10.10.100.52       link#1             UHS         lo0
10.10.100.124      link#1             UHS         lo0
10.10.100.125      link#1             UHS         lo0
10.10.100.126      link#1             UHS         lo0
10.10.100.127      link#1             UHS         lo0
10.10.100.128      link#1             UHS         lo0
10.10.100.129      link#1             UHS         lo0
127.0.0.1          link#7             UH          lo0
192.168.2.0/24     link#2             U           em1
192.168.2.1        link#2             UHS         lo0
192.168.21.0/24    10.10.100.53       UGS         em0
192.168.30.0/24    10.10.100.100      UGS         em0
192.168.51.0/24    link#15            U       bridge0
192.168.51.254     link#15            UHS         lo0
root@OPNsense:~ # traceroute 192.168.30.10
traceroute to 192.168.30.10 (192.168.30.10), 64 hops max, 40 byte packets
1  10.10.100.100 (10.10.100.100)  0.404 ms  0.303 ms  0.293 ms
2  192.168.30.10 (192.168.30.10)  0.474 ms  0.381 ms  0.372 ms
root@OPNsense:~ # traceroute 192.168.21.100
traceroute to 192.168.21.100 (192.168.21.100), 64 hops max, 40 byte packets
1  10.10.100.53 (10.10.100.53)  0.484 ms  0.352 ms  0.347 ms
2  192.168.21.100 (192.168.21.100)  17.530 ms  2.959 ms  2.803 ms
root@OPNsense:~ # traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 64 hops max, 40 byte packets
1  10.10.100.1 (10.10.100.1)  0.179 ms  0.158 ms  0.138 ms
2  1.0.0.138 (1.0.0.138)  0.668 ms  0.452 ms  0.562 ms
3  172.16.138.1 (172.16.138.1)  0.897 ms  0.737 ms  0.760 ms
222.red-80-58-67.staticip.rima-tde.net (80.58.67.222)  3.384 ms  4.253 ms  3.437 ms
^C
root@OPNsense:~ #

#101
General Discussion / Re: Static Routing
July 19, 2018, 08:45:56 AM
No problem.

#102
General Discussion / Re: Static Routing
July 19, 2018, 08:14:28 AM
Thanks for the reply.

Removed Gateway from IPv4 Upstream Gateway, and rebooted (Attached screenshot).

Still not taking the static route routing

root@OPNsense:~ # netstat -4rn
Routing tables

Internet:
Destination        Gateway            Flags     Netif Expire
default            10.10.100.1        UGS         em0
10.10.100.0/24     link#1             U           em0
10.10.100.52       link#1             UHS         lo0
127.0.0.1          link#7             UH          lo0
192.168.1.0/24     link#2             U           em1
192.168.1.1        link#2             UHS         lo0
192.168.21.0/24    10.10.100.53       UGS         em0
root@OPNsense:~ # tracert 192.168.21.1
tracert: Command not found.
root@OPNsense:~ # traceroute 192.168.21.1
traceroute to 192.168.21.1 (192.168.21.1), 64 hops max, 40 byte packets
1  10.10.100.1 (10.10.100.1)  0.190 ms  0.282 ms  0.141 ms
2  1.0.0.138 (1.0.0.138)  0.614 ms  0.508 ms  0.543 ms
3  1.0.0.82 (1.0.0.82)  0.649 ms  0.690 ms  0.668 ms
4  1.1.1.12 (1.1.1.12)  0.798 ms  0.817 ms  0.866 ms
5  * * *
^C
root@OPNsense:~ #
#103
General Discussion / Static Routing
July 19, 2018, 07:49:01 AM
Hi there,
I come across an issue implementing static routing on OPNsense 18.1.12-amd64.

Very basic set-up: Network 192.168.21.0/24 on 10.10.100.53

Opensense WAN: 10.10.100.52/24
Default Gateway: 10.10.100.1

Option "Bypass firewall rules for traffic on the same interface" is activated.

Routing table:
root@OPNsense:~ # netstat -4rn
Routing tables

Internet:
Destination        Gateway            Flags     Netif Expire
default            10.10.100.1        UGS         em0
10.10.100.0/24     link#1             U           em0
10.10.100.52       link#1             UHS         lo0
127.0.0.1          link#7             UH          lo0
192.168.1.0/24     link#2             U           em1
192.168.1.1        link#2             UHS         lo0
192.168.21.0/24    10.10.100.53       UGS         em0

root@OPNsense:~ # traceroute 192.168.21.1
traceroute to 192.168.21.1 (192.168.21.1), 64 hops max, 40 byte packets
1  10.10.100.1 (10.10.100.1)  0.317 ms  0.154 ms  0.150 ms
2  1.0.0.138 (1.0.0.138)  0.542 ms  0.537 ms  0.595 ms
3  1.0.0.82 (1.0.0.82)  0.659 ms  0.733 ms  0.645 ms
4  1.1.1.12 (1.1.1.12)  0.896 ms  0.830 ms  0.712 ms


Any suggestion will be appreciated.

Rgds