OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of P195 »
  • Show Posts »
  • Topics
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Topics - P195

Pages: [1]
1
General Discussion / When you fiddle and get locked out, what the easiest approach to restore access?
« on: November 04, 2024, 07:06:03 pm »
Hi All,

If you change settings which end up locking you out where you can no longer access the web GUI, or login at the console, what is the easiest way to restore a backup or to regain access?

This has happened to me several times now by fiddling about, and yesterday I found myself in this scenario again where I think I changed from static IP to DHCP (I can't quite remember what I did) but I couldn't access web GUI and when in console my login and password was not allowing me to login. I tried various things for several hours but to no avail so I ended up reinstalling back to fresh install and loading a saved .xml config, but this also caused headaches due to missing plugins and their settings etc.

I've now managed to reconfigure everything again, but if I find myself in this scenario again, rather than having to reinstall, what's the easiest solution?

I know you can restore from console which I have done several times before, but this time I was unable to login to do that.
Is it possible to put a saved .xml config file on a usb pen drive and restore settings like that?
Can I backup the whole install including plugins (image?) rather than just the settings and restore like that?
Or is there a better way that I've overlooked?

Many Thanks
P195


2
General Discussion / Unraid server web GUI access (with no switch)
« on: November 02, 2024, 12:23:52 pm »
Hi All,

I currently have 2 PC’s and my unraid server connected to the three LAN ports of my mini pc as I don’t yet own a switch (but I’ve ordered one).

In the meantime, if I want to be able to access the unraid server web GUI on one of those PC’s do I need to use a bridge or can I just create firewall rules to allow communication?

I’ve tried creating firewall rules but have been unable to access the web GUI. I'm not sure if that's because it's not possible or because I've set up the rules incorrectly. If I can do it with rules, can you advise how I should set it up please?

Thanks,
P195

3
General Discussion / Best way to learn and understand OPNsense?
« on: September 21, 2024, 08:00:17 pm »
Hi All,

I've been using OPNsense for a while now, but haven't really got any proper understanding about how to configure it without reverting to watching VT video's. And most of those don't really explain the reasoning for doing things in a noob friendly format, and therefore it ends up being just information where not much understanding is gained.

Are there any structured training resources available to get a total noob like me to a point where I can be totally comfortable with the GUI and all of it's features? Is there some foundation knowledge required to get to this stage?
I want to understand it, but I don't want to have to do months of networking "training" to do so.

I was considering if it may be worth switching to something like DD-WRT which I believe is a little easier on the configuration front for new users, but I'm guessing I could still be in the same situation with that if I don't understand core networking principles.

Is OPNsense the right choice for someone like me?

Thanks,
P195


4
24.1 Legacy Series / Slow updates - advice on query forwarding when using unbound
« on: July 17, 2024, 07:17:32 pm »
Hi All,

I'm currently using Adguard home and unbound internal DNS as per this guide: https://windgate.net/setup-adguard-home-opnsense-adblocker/

I tried to run updates earlier which was being very slow and didn't seem to work, so I added a DNS under system > settings > general and ticked "Do not use the local DNS service as a nameserver for this system". Then when I tried to update it worked perfectly. I have now reverted those changes now that the firmware has been updated.

My question is, how should I set up OPNsense to update properly without having to change this setting each time I need to update, while still using the adguard > unbound > upstream DNS configuration detailed in the link?

*******

A follow on question is, what is the point / benefit in using unbound as well as adguard?

Thank You
P195

5
General Discussion / How to reinstall missing Adguard plugin / connectivity issues
« on: May 18, 2024, 03:31:29 pm »
Hi All,

- Original install had AdguardHome plugin installed
- Made a backup
- Updated to 24.1.7 (new install over old install) configured same interfaces and IP's
- Restored backup
- Couldn't load any websites
- Realised that os-adguardhome-maxit plugin is missing (shown in red)
- Went to Sevices > UnboundDNS > DNS over TLS and checked "Use System Nameservers"
- Went to System > Settings > General and added DNS Server 8.8.8.8 (use gateway = none)
- Can now load websites

I want to reinstall the AdguardHome plugin so my original configuration with AdgaurdHome resumes:

- Used Putty to SSH into OPNsense firewall
- using this guide: https://0x2142.com/how-to-set-up-adguard-on-opnsense/ typed the fetch command to install the adguard plugin and got these results:

fetch -o /usr/local/etc/pkg/repos/mimugmail.conf https://www.routerperformance.net/mimugmail.conf
fetch: /usr/local/etc/pkg/repos/mimugmail.conf: open(): Permission denied                                                                                                                                                                                                             
pkg update
pkg: Insufficient privileges to update the repository catalogue.

- Went to System > Firmware > Status and ran connectivity audit and got these results:

--- 89.149.222.99 ping statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 11.693/11.879/12.094/0.149 ms
Checking connectivity for repository (IPv4): https://pkg.opnsense.org/FreeBSD:13:amd64/24.1
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 841 packages processed.
All repositories are up to date.
Checking connectivity for host: pkg.opnsense.org -> 2001:1af8:5300:a010:1::1
ping: UDP connect: No route to host
Checking connectivity for repository (IPv6): https://pkg.opnsense.org/FreeBSD:13:amd64/24.1
Updating OPNsense repository catalogue...
pkg: https://pkg.opnsense.org/FreeBSD:13:amd64/24.1/latest/meta.txz: Non-recoverable resolver failure repository OPNsense has no meta file, using default settings
pkg: https://pkg.opnsense.org/FreeBSD:13:amd64/24.1/latest/packagesite.pkg: Non-recoverable resolver failure
pkg: https://pkg.opnsense.org/FreeBSD:13:amd64/24.1/latest/packagesite.txz: Non-recoverable resolver failure
Unable to update repository OPNsense
Error updating repositories!
***DONE***

How I go about resolving the connectivity issues found during the audit?
How do I reinstall the missing Adguard plugin (and why I cant fetch the plugin config file?)

Many Thanks,
P195

6
General Discussion / Block access to a specific file, folder or application on Windows?
« on: January 25, 2024, 12:02:16 pm »
Hello,

I run OPNsense on my mini pc router.

Is there any way I can create a rule to block a specific file, folder, or application on my windows host machine from having network access either natively or via a plugin? If so, how do I go about it?

Or does this need to be done on the host itself?
If so, is the built in windows firewall able to block network access for specific files, applications or whole folders?
If not, do you have any recommendations for good alternatives that allow this functionality?

Many Thanks
P195

7
General Discussion / Question about Adguard home > Unbound DNS configuration
« on: December 15, 2023, 04:52:32 pm »
Hi All,

When using a local DNS filtering service such as Adguard home on OPNsense, why may you want to include unbound DNS before sending on to the upstream provider as explained in the following guide ?

https://windgate.net/setup-adguard-home-opnsense-adblocker/

From what I can tell, unbound is just forwarding the query to the external provider.
What benefits does including unbound DNS in the chain provide Vs just using Adguard > Cloudflare ?

Thanks

8
General Discussion / Automatic Backups - Help needed with script and cron job
« on: December 06, 2023, 06:28:46 pm »
Hi All,

I've been following this guide https://www.zenarmor.com/docs/network-security-tutorials/opnsense-security-and-hardening-best-practice-guide#how-to-backup-configuration-automatically

but I'm stuck on the last few steps (23 & 24)

I'm on windows so I've opened text editor and copied the code shown in and modified the fields with my API key and secret, my hostname and path to where I want to save the backups to.

What do I have to do next? I assume I need to save that text file somewhere on my PC (should it be a .txt or another extension?) and then I think I have to create a new cron job under System > Settings > Cron?

Any help would be much appreciated.
Thanks


9
General Discussion / How to get internet access when connecting opnsense router to existing router?
« on: December 03, 2023, 11:34:50 pm »
Hi All,

I'm trying to connect my OPNsense router to my existing ISP router so I can use my local PC to learn and configure OPNsense while still allowing the rest of my family to use the wireless functionality of the ISP router.

I've connected one of the LAN ports of the the ISP router to the WAN port of the OPNsense router and am able to access the GUI on 192.168.1.1.

When I was using the ISP router in bridge mode before, I had to use PPPoE for the WAN and input my broadband credentials which enabled internet access. When trying to configure this as a router behind a router (which isn't in bridge mode), should I be using DHCP, PPPoE or static IP for the WAN?

Should my network card in my PC be set to obtain IP automatically or do I need to specify a specific IP/subnet mask/gateway ?

Is there anything that I would need to change (or information I would need to know) in the GUI for the ISP router?

I've spent all day today trying to get internet access but to no avail. I'd be very grateful for any advice on what I need to do to get internet access to work when using OPNsense behind my ISP router when not bridged.

Thanks
P195

10
General Discussion / No internet access - not Getting IP for WAN via DHCP
« on: November 29, 2023, 12:21:14 pm »
Hi all,

I've switched my ISP's [modem/router/ap] into bridge mode and have connected a cable from the WAN port on the back to the first port on my OPNsense router. The ports on the OPNsense router are labelled ETH0,ETH1,ETH2,ETH3. When installing OPNsense I configured the ports - the available options in the list were igc0,igc1,igc2,igc3 so I set WAN as igc0 and LAN as igc1. So... WAN from bridged ISP router into WAN (igc0/ETH0).

I've connected my PC into the LAN port and am able to access the OPNsense GUI where I have run through the wizard and have set WAN as DHCP and have specified DNS servers as 9.9.9.9 and alternative as 1.1.1.1. I have left the two checkmarks on (for the blocking of bogon and the other one).

From the video's I've seen, I should be able to access the internet off the bat but I can't. I've rebooted both the ISP modem and the OPNsense router. When the OPNsense router has finished booting it shows my LAN IP as 192.168.1.1/24 but for the WAN IP it shows 0.0.0.0/8 and I assume this is why I can't access the internet.

I went into the ISP routers GUI, but most of the configurable settings have been disabled due to being in bridge mode. I've also tried fiddling about with the TCP/IPv4 properties for the network interface on my PC, but to no avail.

The cables I've used are straight thru patch cables RJ45 pinout T-568B and have tried several which haven't worked, so I don't think the cables are the issue. I do not yet have a managed network switch, I've plugged my PC directly to the LAN port on the OPNsense router, does that matter?

Any tips on what I could try get a WAN IP detected by OPNsense from my ISP's router in bridge mode please?
Also please bear in mind that I'm a networking beginner so simple explanations would be helpful.

Many Thanks!
P195

11
General Discussion / Configuring OPNsense without using router bridge mode?
« on: November 28, 2023, 05:29:54 pm »
Hi All,

It's my first post here. I've just installed OPNsense for the first time and switched my ISP's router into bridge mode which allowed me to access the config pages from my browser.

I soon got a shout up the stairs from my wife saying "the internets not working!".

Am I able to familiarise myself with the interface and configure some settings without using my ISP's router in bridge mode so the rest of the family can still use the current network configuration?

Can I connect a lead from my ISP routers WAN port and connect it to my firewall device and still access OPNsense when my ISP's router is not in bridge mode?

EDIT: also, if this is possible, how much configuration can I do like this ?

Many Thanks
P195

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2