OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of philipb232 »
  • Show Posts »
  • Topics
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Topics - philipb232

Pages: [1]
1
Virtual private networks / IPsec connection works until first rekey
« on: September 20, 2024, 08:34:51 am »
Hi,
I have a little problem with an IPsec Site2Site connection. The connection works until the first rekey after one hour.
I'm not sure if I read the log correctly but it looks like the rekey works but the other side tries to rekey again 25 seconds later, but with the old SPI.
Unfortunately I don't have access or detailed information about the other side but maybe someone here is able to spot the problem.

2
24.1 Legacy Series / Static route with high packet loss
« on: July 08, 2024, 04:13:14 pm »
Hi,

I have a VPN-Gateway in my LAN Network and I want all clients to be able to use the network behind that VPN Gateway.

So I added a Gateway and a static route in my opnsense firewall.
Ping works fine but I have a huge problem with TCP traffic. It seems that they are a lot of lost packages / re transmissions.
The thing is, when I apply the same static route on a client pc it works flawlessly.

LAN IP OPNsense: 10.10.50.254
IP VPN-Gateway: 10.10.50.200
Subnet behind VPN Gateway: 10.20.0.0/16

Route I use: 10.20.0.0/16 10.10.50.200 LAN

One thing I noticed in the Firewall -> Log Files -> Live View is that there is allowed traffic but also sometimes blocked traffic. Same source local network IP, same destination VPN IP, same ports, same protocol.

3
Virtual private networks / Assigning an interface for WireGuard Site2Site connection not possible?
« on: June 29, 2024, 10:19:54 am »
I'm wondering why I can assign an interface to a RoadWarrior setup and manage firewall rules via this interface, but this doesn't seem to work with a Site2Site connection? I can assign an interface, but then the tunnel doesn't even cum up anymore.

4
Virtual private networks / How to set outbound gateway for WireGuard
« on: June 28, 2024, 11:59:23 pm »
Hi everyone,

I have multiple WAN connections and WireGuard should not use the default one. How can I set a specific gateway for WireGuard to use or even better a WAN group?

My WireGuard instance is the "client" of an site-2-site connection.

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2