Messages

I've no experience with Tailscale so cannot comment. For my home I use OpenVPN, for accessing home LAN (including HA) from outside, which I installed using this tutorial:

https://www.youtube.com/watch?v=ocGAcZD8qYo

HTH

Not really, tried it before posting here  :D

Hi,

I just re-designed the entire home network from scratch with VLANs and removed all untagged interfaces and unmanaged switches. There seems to be an improvement in network performance and see minimal broadcast traffic on ntopng so seems like the project was totally worth it.

Also noticed that the stats in the dashboard for network interfaces have not changed in last one week, that seems odd but I am not expert so thought I'd ask here. Thoughts?

Is there a way to reset the stats for network interfaces in the dashboard?  Does any one know for what time duration (24h, 1 week, 1 month etc) these stats represent?

Thanks,
Pankaj

The ntopng UI tab in OPNSense does not allow picking more than one interface  :(

Got it.

On LAN (192.168.1.1/24) make a rule that essentially says following:

Action: PASS
Interface: LAN
Direction: in
TCP/IP: IPv4
Protocol: any
Source: any
Destination: any

Then connect a client (say a laptop) directly wired into the LAN port and check:
1. Does the machines get 192.168.1.1 subnet address?
2. If so, try pinging 192.168.10.108 (WAN IP)

If it works then start tightening things with more rules and desired customization!

Probably as a minor weight but don't think it is a version issue for following reasons:

1. My POV is only about 4-5 months since I started using ntopng so not a very long time span.
2. The CE of ntopng has allowed 5 interfaces but the OPNSense plugin could never pick more than one since the day I started using the plugin.
3. In the past, I was manually able to edit the file "/usr/local/etc/ntopng.conf" and add more interfaces.
4. Ntopng kept on crashing a lot so had to set up a Monit check to restart it when it goes down, it worked well with all the manually added interfaces when restarted by Monit.
5. For last one week, I noticed that the manually added interfaces are not showing up after restart as the ""/usr/local/etc/ntopng.conf" file gets re-written by some process.

Attached are my latest versions, hope it helps.

Is the WiFi you added to the apartment? If yes, then its subnet seems to be conflicting with WAN.

You may also want to read this thread which was quiet comparable although not similar - https://forum.opnsense.org/index.php?topic=29874.0

Hi,
The community edition of ntopng allows up to 5 interfaces for monitoring which is plenty for home users like me.
But the plugins for OPNSense plugin for ntopng only allows one interface, just curious if this is by design or an oversight?

Thanks.

Thanks, exactly what I was looking for!!

Nope it does not work!!  8)

Hi,

I am using Unbound DNS which is working fine but seems like the option to use it for machines on the LAN is optional as I was able to select a DNS server of my choice.

Code Select Expand


pm@mhome:~$ nslookup
> ibm.com
Server: 127.0.0.53
Address: 127.0.0.53#53

Non-authoritative answer:
Name: ibm.com
Address: 96.6.233.216
Name: ibm.com
Address: 2600:1406:3c:389::3831
Name: ibm.com
Address: 2600:1406:3c:38a::3831
> server 8.8.8.8
Default server: 8.8.8.8
Address: 8.8.8.8#53
> ibm.com
Server: 8.8.8.8
Address: 8.8.8.8#53


Is there a way to force LAN clients to use Unbound DNS and not be able to go to the WAN side for DNS queries?
Thanks.

If I've a router in AP mode and OPNSense is handling DHCP with two VLANs say:

1) IoTs: 192.168.1.*
2) Guest: 192.168.2.*.

The router will be assigned a 192.168.2.0/24 static IP address in this setup.

Would devices from Guest subnet (if given correct SSID/password) be able to get on the WiFi?

PS: I don't want to configure all this only to find out that it does not work so thought I will just ask here!

Don't use the bridge, you'll regret it.
Post pictures of your switch vlan config.

Thanks, I solved it. I had to tag each VLAN to the port that I was using as uplink between the two switches...it seems obvious now but not sure how I missed it earlier  :D

I had to upload the .p12 key again and it started working again!

Actually it does, thanks!
Let me check my configurations again and perhaps re-install to see if I can get it running again.