
Topics - Rhabarbertorte

1
22.7 Legacy Series / All traffic not bound to specific interface leaves firewall as 0.0.0.0
« on: August 22, 2022, 04:51:21 pm »
Hello guys,

One important note beforehand: this all is not working anymore since my update to 22.7.2.

This might be somehow a copy of https://forum.opnsense.org/index.php?topic=29962.0 , but I think this is quite urgent and not directly related to Wireguard.

On my firewall, after the latest update, all traffic originating from the firewall itself leaves with a source IP of 0.0.0.0. Therefore I never receive any answer.

If I do ping 9.9.9.9 --> no answer
If I do ping -S <WAN_IP> 9.9.9.9 --> everything works as expected

I added a NAT rule (Outbound, Interface WAN, Source IP 0.0.0.0/32, Destination !PRIVATE_NETWORKS (10.0.0.0/8, 192.168.0.0/16, ...), MASQUERADE with WAN IP) --> now ping 9.9.9.9 works

This is definitely a major problem for me. Does anybody have a clue what's going on here?

Thanks in advance!

2
Virtual private networks / Wireguard stopped working OPNsense 22.7.2
« on: August 21, 2022, 09:31:09 pm »
Hello everyone,

Since the last update to OPNsense 22.7.2, none of my Wireguard tunnels work anymore. I never had a problem with Wireguard and OPNsense before, how can this be?

Am I the only one for whom Wireguard no longer works?

The error image shows that traffic reaches the Wireguard server on my OPNsense and the server supposedly responds (see image) --> however, this traffic does not reach the endpoints on the other side.



I also did a complete reinstall of OPNsense and restored a backup. The problem stays the same.


3
German - Deutsch / DNS over TLS: validation of the SANs or CN
« on: May 26, 2021, 11:03:57 am »
Hello,

I just wanted to ask whether, when using DNS over TLS in Unbound, the TLS certificates sent by the server are validated? In theory, Unbound should otherwise not accept any data from, e.g., faked Cloudflare DNS servers.

Strangely, though, you do not have to specify any common names or the like; instead you enter the DoT servers in the form IP@Port.

Can someone explain this to me in more detail? Do I have to assume that Unbound keeps answering DNS queries even during a possible man-in-the-middle attack?

Thanks!
