Recent posts

#1
French - Français / Re: Pas d'accés WAN
Last post by terry - Today at 05:37:00 PM
...comme je suis un peu têtu, j'ai continué à chercher comment résoudre mon pb.

Premier constat l'erreur grossière, c'est l'adresse ip de mon lan qui doit être sur un autre réseau. Ce post a été visité par 2101 personne au moment de ma réponse et personne n'a osé me l'indiqué ou n'a pas vu l'erreur (ou mon sujet d'amateur n'intéresse personne :-)).

- Ne pas utiliser le pc de configuration d'Opnsense sur le réseau wifi, ce qui m'a bien enduit en erreur.
- Vérifier que les bonnes interfaces sont connectés au bon réseau.
- Décocher dans mon cas dans l'interface wan, bloquer les ip privé
- Redémarrer après l'affectation de l'ip lan avec les câbles lan et wan branchés.

Opnsense au démarrage s'occupe du principal, en générant quelques règles automatique.

En ce qui me concerne dans Pare-feu/nat/nat sortant en automatique, les règles ne s'étaient pas générées.
Je ne saurais pas tout expliquer, les confusions de réseaux et l'utilisation du wifi ne m'ont pas aidé.

Pour le reste, un petit secret, ChatGPT est ton amis...

Dernier point concernant l'installation sur un vieux PC, pour éviter les pb de partition gpt/mbr, il faut sélectionner à l'installation Other modes(aprés zfs et ufs) il proposera le mode mbr.

Si ces quelques lignes peuvent aider quelqu'un...
#2
Quote from: vpx on Today at 03:11:18 PMIKE IDs are set on both sides and proposals are on default on both sides. Any suggestion?
I've read a recommendation to disable the default and specify certain proposal instead.

Quote from: vpx on Today at 03:11:18 PMBut I wonder why the line with "looking for peer configs matching" says "[%any]" for the IKE ID when I specifically provided that.
Maybe it is complaining about the remote site's id. Possibly it's different from the IP address?
#3
26.1 Series / Re: Can't connect to some site...
Last post by Kinerg - Today at 05:04:06 PM
Quote from: Ansio on Today at 04:58:53 PMThe only thing we have done is set it up to use a VPN.
Are connection problems while on VPN? What VPN? Same if it's disabled?
#4
26.1 Series / Can't connect to some sites
Last post by Ansio - Today at 04:58:53 PM
My friend and I decided to try to learn some new things. So we installed opnsense and have been messing around with it over the last day.

Its a fresh install. The only thing we have done is set it up to use a VPN. And the steven black block list, which has now been disabled.

When we try to access this forum it will not load the page. The page that loads is just a basic browser error page that says check your proxy or firewall. When I disconnect from opnsense I am able to load this forum.

I have checked the live logs on the firewall and the only thing that shows up as block is some other address.

Any ideas on how to troubleshoot or where we should be looking?

Thank you.
#5
Мне кажется, что ip gateway я по ошибке указала 10.255.0.1, сейчас уже не проверить, так как я откатила все настройки и затем настроила Xray заново. Еще при добавлении Gateway, я интерфейс оставила WAN, а надо было выбрать тот который xray vpn.
Теперь все отлично работает)) Спасибо еще раз!
#6
German - Deutsch / Re: opnsense ipv6 Interface-UL...
Last post by Maurice - Today at 04:36:31 PM
Vielleicht lassen sich die IP-Telefone so konfigurieren, dass sie das VoIP-VLAN nicht an ihren zweiten Port (an dem der PC hängt) durchreichen? Wäre ein naheliegendes Feature, denn genau für deinen Use Case haben diese ja den zweiten Port.

Du solltest jedenfalls nicht versuchen, für ein Layer 2-Problem (nicht sauber getrennte VLANs) einen Workaround auf höheren Layern (z. B. Router Advertisements) zu basteln.

@Patrick Je nach NIC / Treiber / Konfiguration wird das VLAN-Tag ggfs. ignoriert und Windows akzeptiert dann alle Frames. So kommt es zur Vermischung von VLANs. Habe ich auch schon gesehen.
#7
General Discussion / Koło Fortuny Online jak działa
Last post by Elisaamups - Today at 04:29:48 PM
Testowałem koło fortuny do zakręcenia - oto szczegóły.
 
Parametry:
 
- Android 7.0+ / iOS 12.0+
- Waga: 45 MB
- RAM: min 1 GB
- Storage: ~100 MB
- Tryb offline
 
Zasady:
 
- No sign-up - instant play
- Certyfikowany RNG - third-party tested
- Legal - zgodność z krajowymi przepisami
- TLS 1.3 encryption
 
O grze:
 
To koło fortuny gra na telefon z klasyczną mechaniką zakręceń. Koło fortuny gra po polsku - jedno tapnięcie i instant result. Pobierz koło fortuny app na obu systemach.
 
Start:
 
- Free tokens powitalny
- No deposit required
- Multipliers: x2, x5, x10
- Pola bonusowe: re-spin, higher cap
 
Komu pasuje:
 
- Fanów koło fortuny po polsku
- Szukających legalnej rozrywki
- Ceniących privacy (anonymous)
- Grających offline (samolet)
- Beginners - koło fortuny gra online instant fun
 
Not for:
 
- Szukających multiplayer
- Chcących complex gameplay
- Potrzebujących funkcji społecznościowych
 
Ryzyko:
 
- Gra losowa - random results
- Kontrola: time limits, ograniczenia żetonów
- It's entertainment, nie income
 
Ograniczenia:
 
- Missing multiplayer (w planach)
- Ograniczone motywy graficzne (regularne updates)
- Wymaga 100 MB for full features
 
Dlaczego gra koło fortuny online vs konkurencja:
 
- Lżejsza: 45 MB vs 100-200 MB
- Bez rejestracji (most require account)
- Offline mode (rzadkość|rare)
- Zero reklam (others spam)
- Low battery baterii
- Verified RNG (not all competitors)
 
Rating: 4,8/5 (thousands pozytywnych recenzji)
 
Pobierz koło fortuny gra na telefon i sprawdź sam. Polecam na quick fun. Graj odpowiedzialnie!
#8
26.1 Series / Re: How does SLAAC for ipv6 wo...
Last post by klinebau - Today at 04:15:53 PM
Quote from: allebone on February 24, 2026, 11:01:02 PMHow do I configure this option?


I used the configuration example right out of the dnsmasq documentation (https://docs.opnsense.org/manual/dnsmasq.html#configuration-examples).  The only difference is that I used RA-STATELESS and RA-NAMES for the RA Mode.
#9
26.1 Series / Re: How does SLAAC for ipv6 wo...
Last post by OPNenthu - Today at 04:09:01 PM
In NetworkManager there is an option "IPv6 address generation mode," which can be set to either "stable privacy" or "EUI64."  This is separate from the privacy extensions mode.

On my linux desktop "stable privacy" is the default, which does not derive from the MAC address but rather generates a unique address that remains stable on a per-network basis.  If you change networks (or NICs, I guess) you get a different one.

Quote from: klinebau on February 24, 2026, 08:36:56 PMRA-NAMES uses the MAC address to register the IPv6 address, so you have to have an IPv4 address along with MAC in order for it to match using the EUI-64 address.

I'm not near my OPNsense now but can verify later this week.  The host which is failing to register does have an IPv4 reservation by MAC.  However, the same client has reservations on multiple ranges/domains so that it always gets a .100 address no matter which VLAN I move it to.  Maybe that causes some problem.
#10
General Discussion / Re: default deny rule blocking...
Last post by multazimd - Today at 03:38:34 PM
We removed SNAT from F5 and put it in OPNSENSE. Additionally, We figured out it to be asymmetric traffic issue. Traffic was entering one interface and leaving other interface. We allowed sloppy state in firewall rule and it worked.