Messages

1

20.7 Legacy Series / Re: Current list of bugs/issues I've encountered in 20.7

« on: August 18, 2020, 03:45:44 pm »

@oscarr

Had the same issue two days ago. Didn't know why my master crashed and secondary didn't kick in. Had to drive about an hour/half to hard power down the master to get networking up again.

I believe leaving the dashboard opened for extended period of time was the cause, since that what happened in my case as you mentioned above.

Never had any issue like this prior.

Thanks.
Richard

2

Intrusion Detection and Prevention / Re: E-mail when alert or drop

« on: July 19, 2020, 03:35:07 pm »

Ok, tried with spaces... so far so good. Will monitor

Thanks,
Richard

3

Intrusion Detection and Prevention / Re: E-mail when alert or drop

« on: July 19, 2020, 03:31:57 am »

No screenshot.. here's the error message

root: /usr/local/etc/rc.d/monit: WARNING: failed to start monit

Jul 18 15:20:07   monit: /usr/local/etc/monitrc:32: syntax error 'content='

4

Intrusion Detection and Prevention / Re: E-mail when alert or drop

« on: July 18, 2020, 10:44:06 pm »

I tried this and Monit won't start up. Had to delete to get it started again. It was complaining about syntax error on line 37.

5

20.1 Legacy Series / Re: Update to 20.1.8 and IPSEC VPN faded away

« on: July 03, 2020, 05:35:32 pm »

Thanks for all your help with this project.

Are you going to post another announcement when the hot fixes are included?

Regards,
Richard

6

20.1 Legacy Series / Re: IPsec with NAT setup help

« on: June 03, 2020, 04:36:47 pm »

Got this working. Straightforward one-to-one NAT.

Thanks,
Richard

7

20.1 Legacy Series / IPsec with NAT setup help

« on: June 02, 2020, 06:24:30 am »

Hi,

Hope someone has gone through this and found a solution. I have spent days going over my configurations and referencing this forum and other sites trying to find a workable solution for the IPsec with NAT setup.

I've got Phase 1 working. Phase 2 and correct Outbound or 1:1 NAT is where I'm stuck.

My setup:

I have a 192.168.20.0/24

Partner remote network is  172.83.125.0/26

Because of overlapping network on the partner side, we agreed on a translated network between our sites.

My fake (translated network) is : 172.30.217.193/28


Because the fake translated network is /28, and I can't map my real network ( 192.168.20.0/24) to it 1:1.
I will need to create another subnet of my real network to create a slash 28.

For that, I created 192.168.20.0/28

My plan is to route 192.168.20.0/28 to the partner remote network (172.81.125.0/26), should be natted to 172.30.217.193/28


I have this identical setup on my Zywall router and it works. Just trying to move from my current router to OPNsense.

This is how it's setup on Zywall:

https://support.zyxel.eu/hc/en-us/articles/360001378633-How-to-setup-SNAT-in-a-VPN-tunnel

Hope i can find some help here.

Thanks,

~Richard