Recent Posts

Pages: [1] 2 3 ... 10

German - Deutsch / Re: Wo und wie fange ich nur an...?

« Last post by inkasso on Today at 02:09:30 pm »

Ok... kleiner Nachtrag.

Die Jungs für die FTTH-Dose waren da. Konnten die vorhandenen leerRohre nicht nutzen und werden nun "demnächst" die Leitung über die Außenfassade legen.

Was mich aber viel mehr ärgert ist eine Aussage, die mir bei der Telekom leider nur zu gut ins Bild passt :-|
"Die alte Kupferverdrahtung zwischen Haus und Verteiler wird nicht auf die neue Technik mit aufgelegt".

Resultat ist also: entweder weiter Kriech Internet oder Glasfaser.
Unser DSL war immer nur so lahm, weil die Kupferverdrahtung zwischen zwei Verteilern der Telekom defekt war. Bis zum Verteiler ist unsere Leitung nämlich gar nicht so lang... Und nu hatte ich doch gehofft, die alte Technik wird weiter betrieben und im Anschlusskasten dann über die neuen Glasfaserleitungen geroutet, die sie eh zwischen den Verteilern legen mussten...

Jetzt muss ich also noch sehen, wo ich kurzfristig einen passenden ONT her bekomme, weil ich den von der Telekom ja nicht nutzen will UND keinen in eine Fritbox eingebauten möchte... :-/

Virtual private networks / Re: Problem mit IPsec Policy based VPN

« Last post by atom on Today at 02:08:56 pm »

Ich habe den Route-Based-Tunnel mal testhalber abgeschaltet, so dass der auch im netstat nicht mehr auftaucht. Das Verhalten von dem Policy-Based-Tunnel ist immer noch identisch (falsch).

Virtual private networks / Re: Problem mit IPsec Policy based VPN

« Last post by atom on Today at 01:35:52 pm »

Der Route-Based-Tunnel funktioniert problemlos. Den habe ich nach der Anleitung hier aufgesetzt:
https://wiki.opnsense.org/manual/how-tos/ipsec-s2s-route.html

Virtual private networks / Re: Problem mit IPsec Policy based VPN

« Last post by mimugmail on Today at 01:32:08 pm »

Der Tunnel ist falsch aufgesetzt wo wie ich das sehe ...

Virtual private networks / Re: Problem mit IPsec Policy based VPN

« Last post by atom on Today at 01:27:02 pm »

Die Route-Based-Tunnel laufen über das ipsec100 .

Virtual private networks / Re: Problem mit IPsec Policy based VPN

« Last post by mimugmail on Today at 01:17:35 pm »

Wo ist der route-based tunnel?

General Discussion / Re: How do I extract content of a FreeBSD package?

« Last post by Taomyn on Today at 12:41:27 pm »

So I switched from CSV to TSV thinking that maybe handling a tab character would be easier and as a test I just tried this and it still does not work:

Code: [Select]

echo $test_output_1 | awk '{gsub("\t","@")} {print}'
Is there actually something wrong with awk in the build because it's not working even for things it shows in it's man page:

Code: [Select]


SYNOPSIS
     awk [-safe] [-V] [-d[n]] [-F fs] [-v var=value] [prog | -f progfile]
         file ...


DESCRIPTION
     awk scans each input file for lines that match any of a set of patterns
     specified literally in prog or in one or more files specified as -f
     progfile.  With each pattern there can be an associated action that will
     be performed when a line of a file matches the pattern.  Each line is
     matched against the pattern portion of every pattern-action statement;
     the associated action is performed for each matched pattern.  The file
     name `-' means the standard input.  Any file of the form var=value is
     treated as an assignment, not a filename, and is executed at the time it
     would have been opened if it were a filename.


     The options are as follows:


     -d[n]   Debug mode.  Set debug level to n, or 1 if n is not specified.  A
             value greater than 1 causes awk to dump core on fatal errors.


     -F fs   Define the input field separator to be the regular expression fs.


     -f progfile
             Read program code from the specified file progfile instead of
             from the command line.


     -safe   Disable file output (print >, print >>), process creation (cmd |
             getline, print |, system) and access to the environment (ENVIRON;
             see the section on variables below).  This is a first (and not
             very reliable) approximation to a "safe" version of awk.


     -V      Print the version number of awk to standard output and exit.


     -v var=value
             Assign value to variable var before prog is executed; any number
             of -v options may be present.


     The input is normally made up of input lines (records) separated by
root@bart:/var/prtg/scriptsxml # awk -V
awk: unknown option -V ignored


awk: no program given

Virtual private networks / IPsec questions

« Last post by atom on Today at 12:28:49 pm »

Hello,

I still have two questions of understanding:

1.) Why do I always get the following error messages in the IPsec log when using VTI ? I do not get any messages on the remote site.

<snip>
Sep 24 11:59:34 opnsense charon[73787]: 09[KNL] <con1|20> querying policy 0.0.0.0/0 === 0.0.0.0.0/0 in failed, not found
Sep 24 11:59:34 opnsense charon [73787]: 09 [KNL] <con1|20> querying policy 0.0.0.0/0 === 0.0.0.0.0/0 out failed, not found
</snip>

2.) Why is it that when using Let's Encrypt and IPsec with PSK ( without certificates )
a) Is the file chain.pem copied from the acme-cacerts directory to the ipsec-cacerts directory ?
b) Is this certificate sent to the remote peer despite the use of PSK ?

<snip>
Sep 24 11:59:37 opnsense charon[73787]: 10[IKE] <22> sending cert request for "C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3"
</snip>

Many greetings,
atom

Translated with www.DeepL.com/Translator (free version)

General Discussion / Re: Unbound DNS Enable Forwarding Mode does not work as expected

« Last post by franco on Today at 12:22:44 pm »

Hi,

If name: "." is set it can't use root or ISP servers since they are not configured and everything is pushed to the forward-addr: 10.67.1.2

Please do check whether Unbound answers queries from your clients.

Cheers,
Franco

20.7 Production Series / Re: SOLVED: OpenVPN not allowing Internet traffic for client after reboot

« Last post by thebraz on Today at 12:04:40 pm »

If someone should have the same problem:

I restarted from scratch and configured the OpenVPN server exactly as in the OpnSense guide:

https://docs.opnsense.org/manual/how-tos/sslvpn_client.html

apart from the OTP part that I left out.

This way I got a working VPN, capable of RDPing, for example, with split tunneling.

When I want all traffic to go through the tunnel I simply add

redirect-gateway def1

in the client configuration and the system works that way too (using OpenVPN client 2.5 rc1).

Best Wishes

Pages: [1] 2 3 ... 10