1
General Discussion / Re: Allowed memory size of 1073741824 bytes exhausted for opnsense 24.1
« on: May 10, 2024, 09:42:37 am »
Same for me .. Do you have any fix?
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
2
Virtual private networks / Re: OpenVPN - Can not ping second Node trough VPN
« on: February 24, 2024, 09:04:07 pm »
This is how the network look like
3
Virtual private networks / OpenVPN - Can not ping second Node trough VPN
« on: February 24, 2024, 04:38:34 am »
Hello,
i have two firewalls (fw01 and fw02)
FW01 (172.16.3.5) is connected over crossover with FW02(172.16.3.6)
Both can ping each other.
On FW02 i have a openVPN Server. When i connect to FW02 with my client i can reach 172.16.3.6 but not FW01 and i dont get the issue.
For now i ve allowed any traffic via rule. But still not working.
Do you have any advice for me? (s. screenshots)
i have two firewalls (fw01 and fw02)
FW01 (172.16.3.5) is connected over crossover with FW02(172.16.3.6)
Both can ping each other.
On FW02 i have a openVPN Server. When i connect to FW02 with my client i can reach 172.16.3.6 but not FW01 and i dont get the issue.
For now i ve allowed any traffic via rule. But still not working.
Do you have any advice for me? (s. screenshots)
4
High availability / Re: Opnsense HA - Master loses connection to slave
« on: February 24, 2024, 04:21:29 am »
After setting up CARP VIP the synchronisation works.
Thanks for your feedback
Thanks for your feedback
5
High availability / Re: Opnsense HA - Master loses connection to slave
« on: February 21, 2024, 04:45:11 am »
Maybe there is a problem matching the interfaces of FW01 and FW02 ?
How does the synchronisation map firewall rules/interfaces from FW01 to the correct corresponding interface on FW02 ? By name? Or is there a mapping table?
How does the synchronisation map firewall rules/interfaces from FW01 to the correct corresponding interface on FW02 ? By name? Or is there a mapping table?
6
High availability / Re: Opnsense HA - Master loses connection to slave
« on: February 21, 2024, 04:39:16 am »
ok let me describe it in another way
FW02 (slave) has a rule which allows traffic from FW01 on the "Synchronize Interface". Without that rule everything from FW01 is denied (default)
When FW01 synchronizes configurations to FW02 (System -> HA -> Settings -> Perform synchronization) that rule is removed and then connection between FW01 and FW02 is down.
I ve to say that i didn't setup carp for now. Maybe this is the issue?
FW02 (slave) has a rule which allows traffic from FW01 on the "Synchronize Interface". Without that rule everything from FW01 is denied (default)
When FW01 synchronizes configurations to FW02 (System -> HA -> Settings -> Perform synchronization) that rule is removed and then connection between FW01 and FW02 is down.
I ve to say that i didn't setup carp for now. Maybe this is the issue?
7
High availability / Opnsense HA - Master loses connection to slave
« on: February 20, 2024, 02:16:28 pm »
Hello,
i ve setup HA between 2 Firewalls on Interface1. FW01 and FW02 are connected directly via CrossOverCable.
ofc i ve configured rules on interface1 which allows traffic from fw01 to fw02 and vice versa.
The problem is after synchronisation the rule on fw02 (slave) dissappears and master (fw01) is not able to process any further syncronisation (because it is copied from master). I also tried to put the rule on master but it didn't help. I guess opnsense first removes the rule from slave and after then it is not able to synchronize anything.
How do you manage this?
BR
i ve setup HA between 2 Firewalls on Interface1. FW01 and FW02 are connected directly via CrossOverCable.
ofc i ve configured rules on interface1 which allows traffic from fw01 to fw02 and vice versa.
The problem is after synchronisation the rule on fw02 (slave) dissappears and master (fw01) is not able to process any further syncronisation (because it is copied from master). I also tried to put the rule on master but it didn't help. I guess opnsense first removes the rule from slave and after then it is not able to synchronize anything.
How do you manage this?
BR
Pages: [1]