OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of newsense »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - newsense

Pages: 1 ... 61 62 [63] 64 65 ... 70
931
General Discussion / Re: openVPN with TLS 1.3 ?
« on: March 02, 2019, 03:59:09 pm »
Thanks fabian, it will be interesting to see how it works on systems that specifically disable 0-RTT as it might be one of the best avenues to attack 1.3 connections for a while.

932
General Discussion / Re: Multiple VPN roadwarriors connections
« on: March 02, 2019, 03:53:18 pm »
Quite unclear what you're trying to achieve, but at the very least you should be using different ports

933
18.7 Legacy Series / Re: Kernel panic when unplugging WAN network interface
« on: March 02, 2019, 08:03:59 am »
Interface - Settings

Make sure the three Hardware settings, CRC, LRO and TSO are checked.

Save and reboot

934
19.1 Legacy Series / Re: amdtemp not loading
« on: March 02, 2019, 07:28:10 am »
System-Settings-Miscellaneous-Thermal Sensors

935
19.1 Legacy Series / Re: 19.1 bootloop
« on: March 02, 2019, 04:50:49 am »
You didn't say anything about this:

https://forum.opnsense.org/index.php?topic=11674.msg53090#msg53090

936
General Discussion / Re: Firewall loses connection periodically and is no longer external available
« on: March 02, 2019, 04:10:04 am »
Make sure you're on the latest version first.

Also, unplugging may lead to file system corruption so gracefully rebooting might be better that reinstalling anew.


For any other troubleshooting we'll need more details. "internet drops" is not something to work on...

937
General Discussion / Re: How can I route to my other provider without leaving the building...
« on: March 02, 2019, 04:04:46 am »
Unclear why you need WAN{a,b} for internal traffic.

Instead of LAN, you may be better suited with VLANs ?

Depending on the traffic, it would be fairly easy to say that users in VLAN1 can access say HTTPS:IP in VLAN2

Alternatively, define an alias for a group of IPs in one VLAN that need to access a service in the other.

End your rules with 'if nothing matches {route to internet | reject}'

938
General Discussion / Re: openVPN with TLS 1.3 ?
« on: March 02, 2019, 03:43:48 am »
The more time it takes TLS 1.3 to become the de facto standard with TLS 1.{0,1} code being actually dropped from the major browsers and other critical SSL derivatives/libraries -- the more likely E-TLS will start to be 'mandated' in the same vein as it happened in the AUS...

939
19.1 Legacy Series / Re: amdtemp not loading
« on: March 02, 2019, 03:21:31 am »
Make sure you have the latest BIOS from PCEngines, currently v4.9.0.2.

https://forum.opnsense.org/index.php?topic=4200.msg53320#msg53320

Steps 2-6 would apply.

Also, I'd make sure to have the latest OPNsense first - option 12 in the console.

940
General Discussion / Re: Firewall Rule Processing Order + NAT + tags
« on: February 28, 2019, 07:22:11 am »
It surely looks like you would need a VPN Site2Site there, and as far as Rules are concerned clearly you don't have the default so it might be best to post a screenshot?

941
General Discussion / Re: NGINX: Connection gets dropped
« on: February 28, 2019, 07:13:58 am »
Code: [Select]
opnsense-patch e8a8ed0ad832da64a79abf49ef45118b07267c4a :)

942
General Discussion / Re: nintendo switch what port to NAT
« on: February 28, 2019, 07:10:08 am »
Congrats, that's a better approach for sure.

If at all possible though use a VLAN assigned to the IoT WLAN which has the Nintendo, and at least another VLAN/WLAN pair which has more sensitive devices, like phones etc.

Last but not least, at the very minimum have a Deny ANY Source IoT Net - Dest LAN/other VLANs set of rules. Basically make sure the Nintendo only goes out to the internet and nothing more.

943
19.1 Legacy Series / Re: openvpn peer-to-peer not routing
« on: February 28, 2019, 06:50:20 am »
Is this what you're looking for ? Kinda hard to understand if you actually mean site 2 site or ssl warrior...prolly the latter.

Regardless of the 'sense' being used, the same principles apply, so just double check your config against the right tutorial below.


https://docs.opnsense.org/manual/how-tos/sslvpn_s2s.html

https://docs.opnsense.org/manual/how-tos/sslvpn_client.html

944
19.1 Legacy Series / Re: newbie question FW rule between two LANs
« on: February 28, 2019, 04:41:38 am »
First of all you want the NAS on LAN2 - with highly restricted access both in and out.

Secondly, you don't say anything about rules on the LANs. While LAN1 allows by default outbound connections any other interface will only have the implicit Deny ALL rule.

P.S. Having a single Allow ANY ANY rule on the interfaces kinda voids the need for a firewall.

945
19.1 Legacy Series / Re: System: Configuration: Defaults
« on: February 28, 2019, 04:33:52 am »
Wouldn't it be more productive to explain - in detail - why you need to reset everything constantly ?

Issues can be worked out without starting over all the time.

Pages: 1 ... 61 62 [63] 64 65 ... 70
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2