"
Runs like clockwork - thanks for the good work!
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
#17
German - Deutsch / Re: Hardware-Frage zu DEC3860
July 02, 2023, 04:15:39 PM
Der Anbieter hier ist Lünecom - dort ist lediglich ein SFP Modul (1000BASE-BX) mit den entsprechenden Wellenlängen (1310nm TX, 1490nm RX) erforderlich, ohne weitere Anpassungen. Authentifizierung per MAC nach einmaligem Anmelden mit Aktivierungscode per Browser.
https://www.fs.com/de/products/75335.html?attribute=10228&id=1874176
Bei deinem Anbieter kann das natürlich ganz anders aussehen und du musst evtl. Änderungen an der Konfiguration des Moduls vornehmen wie auch schon im verlinkten Thread von meyergru beschrieben.
Inwieweit sich die Module von fs.com (sorry für den Dreher im vorigen Post) konfigurieren lassen, kann ich dir nicht sagen. Es gibt dort auch noch die "FS BOX" (v3/v4) zur Konfiguration / Anpassung von Modulen. Ob eine dieser Boxen für ein solches Vorhaben benötigt würde, kann ich nicht sagen.
https://www.fs.com/de/products/75335.html?attribute=10228&id=1874176
Bei deinem Anbieter kann das natürlich ganz anders aussehen und du musst evtl. Änderungen an der Konfiguration des Moduls vornehmen wie auch schon im verlinkten Thread von meyergru beschrieben.
Inwieweit sich die Module von fs.com (sorry für den Dreher im vorigen Post) konfigurieren lassen, kann ich dir nicht sagen. Es gibt dort auch noch die "FS BOX" (v3/v4) zur Konfiguration / Anpassung von Modulen. Ob eine dieser Boxen für ein solches Vorhaben benötigt würde, kann ich nicht sagen.
#18
German - Deutsch / Re: Hardware-Frage zu DEC3860
July 01, 2023, 03:23:25 PM #19
23.1 Legacy Series / Re: Weird network problems for one client after updating from 23.4 to 23.4.1
June 20, 2023, 11:21:21 AM
The problem is so serious for this employee that he is not able to work from home anymore and the logs are full of FA, RA and PA entries if he tries to. In the next step I'll try to find the root cause in his homeoffice.
Thank you very much - I've learned a lot :)
Thank you very much - I've learned a lot :)
#20
23.1 Legacy Series / Re: Weird network problems for one client after updating from 23.4 to 23.4.1
June 19, 2023, 07:39:45 PM
Thank you for the explanation - got it now, I looked at the wrong part of the line(s). Since only one employee has this problems (homeoffice), I assume some kind of internet problems like packet loss / flaky connection or a bad wlan connection on his side. Would you agree on that?
#21
23.1 Legacy Series / Re: Weird network problems for one client after updating from 23.4 to 23.4.1
June 19, 2023, 06:41:47 PM
It looks like most packages (blocked and passed) have only the "DF" flag assigned. Looking at the firewall plain view, the length of the blocked packages varies a lot - I've seen lengths from 90 to 1028 (btw. what unit is this? bit?). And also a few blocked packages with a length of 0.
Btw. rule 11 (line start) is the "Default deny / state violation rule".
Btw. rule 11 (line start) is the "Default deny / state violation rule".
#22
23.1 Legacy Series / [SOLVED] Weird network problems for one client after updating to 23.4.1
June 19, 2023, 04:22:35 PM
Hey,
we have weird network problems in conjunction with OpenVPN with our firewall after updating from 23.4 to 23.4.1 on a DEC3850 for a single employee.
The "Default deny / state violation rule" blocks randomly traffic from one of our OpenVPN connected employees although the corresponding traffic is alowed by rule(s). At times the traffic from this employee is blocked at all. All our clients are running Windows 10 using OpenVPN connect 3.3.7 and this setup is working for at least 1,5 years now.
In the live log it sometimes looks like alllow/deny ping pong - screenshots attached.
I'm a bit helpless at this point. What could be the reason that the traffic from a single employee is blocked while all others have normal access as expected? This employee has no (known) problems to access other parts of the internet at all - websites etc. working normal.
I have the feeling, that this problem has nothing to do with the update to 23.4.1, but it started right after the update, so I thought asking in the forum might be a good idea.
Has someone ever experienced such a problem?
we have weird network problems in conjunction with OpenVPN with our firewall after updating from 23.4 to 23.4.1 on a DEC3850 for a single employee.
The "Default deny / state violation rule" blocks randomly traffic from one of our OpenVPN connected employees although the corresponding traffic is alowed by rule(s). At times the traffic from this employee is blocked at all. All our clients are running Windows 10 using OpenVPN connect 3.3.7 and this setup is working for at least 1,5 years now.
In the live log it sometimes looks like alllow/deny ping pong - screenshots attached.
I'm a bit helpless at this point. What could be the reason that the traffic from a single employee is blocked while all others have normal access as expected? This employee has no (known) problems to access other parts of the internet at all - websites etc. working normal.
I have the feeling, that this problem has nothing to do with the update to 23.4.1, but it started right after the update, so I thought asking in the forum might be a good idea.
Has someone ever experienced such a problem?
#23
Hardware and Performance / Re: DEC4040 SFP28 support
February 14, 2023, 04:29:20 PM
Hi,
not guaranteed, but in the past I had very good experiences with the (generic) modules from fs.com for all of my DECs - all worked / working like a charm.
not guaranteed, but in the past I had very good experiences with the (generic) modules from fs.com for all of my DECs - all worked / working like a charm.
#24
22.7 Legacy Series / Re: DNS Servers not being used.
August 08, 2022, 10:11:51 AM
No, I'm not using wireguard on this system but OpenVPN.
I just found out that the configured global nameservers will be used if I enable either the checkbox "Use system namservers" on the Unbound DNS "query forwarding" page or the corresponding checkbox on the Unbound DNS "DNS over TLS" page.
Is that the desired/expected behavior?
I just found out that the configured global nameservers will be used if I enable either the checkbox "Use system namservers" on the Unbound DNS "query forwarding" page or the corresponding checkbox on the Unbound DNS "DNS over TLS" page.
Is that the desired/expected behavior?
#25
22.7 Legacy Series / Re: DNS Servers not being used.
August 05, 2022, 06:30:34 PM
Although I'm still on 22.1.10, it also doesn't work for me. The ISP DNS servers are used - ignoring my config (1.1.1.2/1.0.0.2). So maybe there is already an issue since v22.1.x.
#26
German - Deutsch / Re: Firewall Regel mit eingehendem und ausgehenden Interface
July 07, 2022, 02:03:38 PM
Hallo Thomas,
ich lege mir für diesen Zweck immer den Alias 'internal_networks' an - mit sämtlichen lokalen Netzwerken (RFC1918). Eine Regel mit dem Ziel "!internal_networks" (Checkbox Destination / Invert anhaken) erlaubt dann nur den Zugriff nach außen. Setze ich immer als letzte Regel.
LG Olli
ich lege mir für diesen Zweck immer den Alias 'internal_networks' an - mit sämtlichen lokalen Netzwerken (RFC1918). Eine Regel mit dem Ziel "!internal_networks" (Checkbox Destination / Invert anhaken) erlaubt dann nur den Zugriff nach außen. Setze ich immer als letzte Regel.
LG Olli
#27
German - Deutsch / Re: WAN Port 1000baseT ändert sich automatisch immer wieder auf 100baseT
June 16, 2022, 09:37:35 AM
Hast du mal ein anderes Netzwerkkabel ausprobiert?
#28
German - Deutsch / Re: Opnsense hinter Fritzbox 7490 Pppoe Telekom
June 13, 2022, 01:19:18 PM
Ich kann den Vigor 167 empfehlen - läuft hier an einem Company Pro 100 absolut problemlos.
#29
22.1 Legacy Series / Re: DHClient stops suddenly? WAN-Connection down a few times a day
April 19, 2022, 04:53:15 PM
Same here with Vodafone. A simple release/renew or saving the gateway config without a change brings it up again.
#30
22.1 Legacy Series / Re: High Packet Loss/CRC errors for Tx on axgbe (DEC2750/OPNsense 22.1)
April 14, 2022, 06:50:35 PM
What exactly do you mean in that comparison?
