OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Recent Posts

Recent Posts

Pages: [1] 2 3 ... 10
1
18.1 Production Series / Re: Ugh... cannot make the software work
« Last post by mimugmail on Today at 07:09:29 am »
You gave the community not enough time to troubleshoot.

I'm quite sure DHCP and ARP is related to the migration is could easily be fixed with a reboot of the client machines. This can't be a huge issue.

Regarding pppoe we have to dig a bit deeper, reading logs, checking if VLANs are set etc. but this takes time.
2
General Discussion / Re: Time of Day Restrictions
« Last post by babzog on Today at 07:06:47 am »
Thanks for the tip.  However, I was not able to get the software to work at all, incl the dhcp server.. went back to smoothwall.
3
18.1 Production Series / Re: Ugh... cannot make the software work
« Last post by babzog on Today at 07:04:09 am »
Gave up after reading others were also having PPPoE issues with prior versions. Burned the latest image of smoothwall 3.1, installed, was up and running in less than 20min.  Hope the QA is tightened up on this project as it looks like it could be really good.
4
18.1 Production Series / Ugh... cannot make the software work
« Last post by babzog on Today at 03:27:45 am »
I was able to install it (easy enough once I logged in as installer) and finally got a connection from my laptop to the firewall but, I cannot seem to make it “go”.

* I entered my pppoe settings, it will not connect.
* I configured dhcp, it will not give out dynamic leases.
* If I reboot, I have to logon to the firewall and ping a static IP, seemingly to “activate” the network.

What on earth could be so screwed up here? Have I missed a series of spells? Does it smell my fear of FreeBSD?
5
Web Proxy Filtering and Caching / Re: pfsense Squidguard Group ACL equivalent in opnsense
« Last post by Fabricio on Today at 02:48:56 am »
Hello Gentlemen,
I´ve been thinking about it... I am also working and looking on something like this.
I was wondering if the "web-proxy-useracl" plugin could be modified in order to match the Blacklists File/name.
Check pictures attached, please.
It would go like this:
1- You create groups on Active Directory (AD).
2- You capture the AD groups on OPNSense (Menu System-->Access-->Users/groups)
3- You download your preferred Blacklist file and give it a "Name"
4- From the "Proxy Menu --> Administration --> Forward Proxy --> Authentication Settings" you choose AD Authentication.
5- From the "Proxy Menu --> Groups and Users " where is "Name", you should input the  "AD group" you want to match the Blacklist. Where is "DOMAINS" you should add the Blacklist Name you previously configured on step 3.

That way, you will have, not only the same squidguard ACL-GROUPS functionalities, but  something Absolutelly better, since on squidguard you have to deal with ldap-search lines that are pretty confusing and here it would be all "Web/Icons/Objects based"
Additionally, (just a suggestion) it would be great to add an extra field to the "Authentication menu" with a "CUSTOM AUTHENTICATION" so we can add whatever authentication we want like the Winbind SSO/Kerberos/WMI, etc.

Since we would be working with "existing variables", how hard would it be to make such changes?

There is one thing I don't know: Since opnsense doesn't use squidguard, I am wondering the compatible commands on it, like we have on squidguard (ldapsearch) to match "groups and users" to Blacklists.
(What product  opnsense is using to replace squidguard by the way?)

I am not good with php/mvc , so I can help with Money/UAT/Test support.

Gentlemen, OPNsense is already an absolutelly wonderful product, but that would raise it to a new level, since you only see features like this on "expensive & commercial" products like BlueCoat/Cisco/Fortinet etc.

Please let me know if someone would be interested. I am on the boat.  :-)

Fabricio.
6
German - Deutsch / Re: Routing Frage
« Last post by NicholasRush on Today at 02:41:32 am »
Wenn du für jedes WAN Interface ein Gateway hast, brauchst du doch nur beim Wifi Interface, unten in jeder Firewallregel, die zwingend über den LTE Gateway soll, das Gateway auszuwählen.
7
18.1 Production Series / Re: IPv6 routing/forwarding (?) Issues
« Last post by Dark-Sider on April 20, 2018, 10:54:09 pm »
Hi,

When I uncheck "only request a prefix" no ipv6 connectivity is established whatsoever. I also changed the prefix id to 1 on the lan interface if WAN would grab id 0. (also rebooted opnsense several times).

When I got home today ipv6 routing was working great, however half an hour ago or so it just stopped working, prefixes etc. stayed the same. I noticed that IPv6 routing died as several websited wouldn't load since the browser had used v6 for them apparently.

I checked some logs on the opnsense box and found this:
Code: [Select]
Apr 19 22:20:12 OPNsense apinger: No usable targets found, exiting
Apr 19 22:21:43 OPNsense apinger: Starting Alarm Pinger, apinger(40601)
Apr 19 22:21:43 OPNsense apinger: No usable targets found, exiting
Apr 19 22:21:50 OPNsense apinger: Starting Alarm Pinger, apinger(44357)
Apr 19 22:21:50 OPNsense apinger: No usable targets found, exiting
Apr 19 22:21:56 OPNsense apinger: Starting Alarm Pinger, apinger(33336)
Apr 19 22:21:56 OPNsense apinger: No usable targets found, exiting
Apr 19 22:21:56 OPNsense apinger: Starting Alarm Pinger, apinger(51798)
Apr 19 22:21:56 OPNsense apinger: No usable targets found, exiting
Apr 20 22:21:47 OPNsense apinger: Starting Alarm Pinger, apinger(65383)
Apr 20 22:21:47 OPNsense apinger: No usable targets found, exiting

so apinger was dead for like 24 hrs and when it started my v6 routing died - could this be related? Can I start this tool manually What actually does apinger do?

EDIT:
So I did more digging through the logs: ppps.log shows that my Internet-connection was reset after 24 hrs of online-time. This was (until recently) usual behaviour in Germany, however my plan should not have any timed disconnects. I'll have to open a ticket with my provider.

ppps.log, showing the 24hrs disconnect (look at the day):
Code: [Select]
Apr 19 22:21:38 OPNsense ppp: [wan]   93.104.101.XX -> 82.135.16.28
Apr 20 22:21:36 OPNsense ppp: [wan_link0] LCP: rec'd Terminate Request #133 (Opened)

However the pppoe connection is reestablished shorty after the disconnect and the same IPv4 address is issued.
dhcpd.log shows that a NEW v6 prefix was received.

The public v6 address on the LAN-Interface however won't update! It stayed the same and is still the old v6 address (as I'm typing). So there might be some kinks with the "track interface" once the pppoe connection get's reset.

DHCPD.log now looks like this, every few minutes a NEW /56 is received - however the LAN interface or the LAN clients won't get updated
Code: [Select]
Apr 20 23:24:56 OPNsense dhcp6c[61772]: Sending Solicit
Apr 20 23:24:56 OPNsense dhcp6c[61772]: set client ID (len 14)
Apr 20 23:24:56 OPNsense dhcp6c[61772]: set elapsed time (len 2)
Apr 20 23:24:56 OPNsense dhcp6c[61772]: set option request (len 4)
Apr 20 23:24:56 OPNsense dhcp6c[61772]: set IA_PD prefix
Apr 20 23:24:56 OPNsense dhcp6c[61772]: set IA_PD
Apr 20 23:24:56 OPNsense dhcp6c[61772]: send solicit to ff02::1:2%pppoe0
Apr 20 23:24:56 OPNsense dhcp6c[61772]: reset a timer on pppoe0, state=SOLICIT, timeo=38, retrans=126960
Apr 20 23:24:56 OPNsense dhcp6c[22061]: receive advertise from fe80::5a00:bbff:fe09:f8b0%pppoe0 on pppoe0
Apr 20 23:24:56 OPNsense dhcp6c[22061]: get DHCP option client ID, len 14
Apr 20 23:24:56 OPNsense dhcp6c[22061]:   DUID: 00:01:00:01:22:67:cd:3e:00:0c:29:8c:38:00
Apr 20 23:24:56 OPNsense dhcp6c[22061]: get DHCP option server ID, len 26
Apr 20 23:24:56 OPNsense dhcp6c[22061]:   DUID: 00:02:00:00:05:83:35:38:3a:30:30:3a:62:62:3a:30:39:3a:66:66:3a:63:63:00:00:00
Apr 20 23:24:56 OPNsense dhcp6c[22061]: get DHCP option IA_PD, len 41
Apr 20 23:24:56 OPNsense dhcp6c[22061]:   IA_PD: ID=0, T1=1800, T2=2880
Apr 20 23:24:56 OPNsense dhcp6c[22061]: get DHCP option IA_PD prefix, len 25
Apr 20 23:24:56 OPNsense dhcp6c[22061]:   IA_PD prefix: 2001:a61:47b:9200::/56 pltime=3600 vltime=8199546692136082464
Apr 20 23:24:56 OPNsense dhcp6c[22061]: get DHCP option DNS, len 32
Apr 20 23:24:56 OPNsense dhcp6c[22061]: XID mismatch
Apr 20 23:24:56 OPNsense dhcp6c[62386]: Sending Solicit
Apr 20 23:24:56 OPNsense dhcp6c[62386]: set client ID (len 14)
Apr 20 23:24:56 OPNsense dhcp6c[62386]: set elapsed time (len 2)
Apr 20 23:24:56 OPNsense dhcp6c[62386]: set option request (len 4)
Apr 20 23:24:56 OPNsense dhcp6c[62386]: set IA_PD prefix
Apr 20 23:24:56 OPNsense dhcp6c[62386]: set IA_PD
Apr 20 23:24:56 OPNsense dhcp6c[62386]: send solicit to ff02::1:2%pppoe0
Apr 20 23:24:56 OPNsense dhcp6c[62386]: reset a timer on pppoe0, state=SOLICIT, timeo=38, retrans=126960
Apr 20 23:24:56 OPNsense dhcp6c[22061]: receive advertise from fe80::5a00:bbff:fe09:f8b0%pppoe0 on pppoe0
Apr 20 23:24:56 OPNsense dhcp6c[22061]: get DHCP option client ID, len 14
Apr 20 23:24:56 OPNsense dhcp6c[22061]:   DUID: 00:01:00:01:22:67:cd:3e:00:0c:29:8c:38:00
Apr 20 23:24:56 OPNsense dhcp6c[22061]: get DHCP option server ID, len 26
Apr 20 23:24:56 OPNsense dhcp6c[22061]:   DUID: 00:02:00:00:05:83:35:38:3a:30:30:3a:62:62:3a:30:39:3a:66:66:3a:63:63:00:00:00
Apr 20 23:24:56 OPNsense dhcp6c[22061]: get DHCP option IA_PD, len 41
Apr 20 23:24:56 OPNsense dhcp6c[22061]:   IA_PD: ID=0, T1=1800, T2=2880
Apr 20 23:24:56 OPNsense dhcp6c[22061]: get DHCP option IA_PD prefix, len 25
Apr 20 23:24:56 OPNsense dhcp6c[22061]:   IA_PD prefix: 2001:a61:47b:9200::/56 pltime=3600 vltime=8199546692136082464
Apr 20 23:24:56 OPNsense dhcp6c[22061]: get DHCP option DNS, len 32
Apr 20 23:24:56 OPNsense dhcp6c[22061]: XID mismatch
Apr 20 23:25:38 OPNsense dhcp6c[40907]: Sending Solicit
Apr 20 23:25:38 OPNsense dhcp6c[40907]: set client ID (len 14)
Apr 20 23:25:38 OPNsense dhcp6c[40907]: set elapsed time (len 2)
Apr 20 23:25:38 OPNsense dhcp6c[40907]: set option request (len 4)
Apr 20 23:25:38 OPNsense dhcp6c[40907]: set IA_PD prefix
Apr 20 23:25:38 OPNsense dhcp6c[40907]: set IA_PD
Apr 20 23:25:38 OPNsense dhcp6c[40907]: send solicit to ff02::1:2%pppoe0
Apr 20 23:25:38 OPNsense dhcp6c[40907]: reset a timer on pppoe0, state=SOLICIT, timeo=518, retrans=127512
Apr 20 23:25:38 OPNsense dhcp6c[22061]: receive advertise from fe80::5a00:bbff:fe09:f8b0%pppoe0 on pppoe0
Apr 20 23:25:38 OPNsense dhcp6c[22061]: get DHCP option client ID, len 14
Apr 20 23:25:38 OPNsense dhcp6c[22061]:   DUID: 00:01:00:01:22:67:cd:3e:00:0c:29:8c:38:00
Apr 20 23:25:38 OPNsense dhcp6c[22061]: get DHCP option server ID, len 26
Apr 20 23:25:38 OPNsense dhcp6c[22061]:   DUID: 00:02:00:00:05:83:35:38:3a:30:30:3a:62:62:3a:30:39:3a:66:66:3a:63:63:00:00:00
Apr 20 23:25:38 OPNsense dhcp6c[22061]: get DHCP option IA_PD, len 41
Apr 20 23:25:38 OPNsense dhcp6c[22061]:   IA_PD: ID=0, T1=1800, T2=2880
Apr 20 23:25:38 OPNsense dhcp6c[22061]: get DHCP option IA_PD prefix, len 25
Apr 20 23:25:38 OPNsense dhcp6c[22061]:   IA_PD prefix: 2001:a61:47b:a400::/56 pltime=3600 vltime=8199546692136082464
Apr 20 23:25:38 OPNsense dhcp6c[22061]: get DHCP option DNS, len 32
Apr 20 23:25:38 OPNsense dhcp6c[22061]: XID mismatch
Apr 20 23:27:03 OPNsense dhcp6c[61772]: Sending Solicit
Apr 20 23:27:03 OPNsense dhcp6c[61772]: set client ID (len 14)
Apr 20 23:27:03 OPNsense dhcp6c[61772]: set elapsed time (len 2)
Apr 20 23:27:03 OPNsense dhcp6c[61772]: set option request (len 4)
Apr 20 23:27:03 OPNsense dhcp6c[61772]: set IA_PD prefix
Apr 20 23:27:03 OPNsense dhcp6c[61772]: set IA_PD
Apr 20 23:27:03 OPNsense dhcp6c[61772]: send solicit to ff02::1:2%pppoe0
Apr 20 23:27:03 OPNsense dhcp6c[61772]: reset a timer on pppoe0, state=SOLICIT, timeo=39, retrans=120360
Apr 20 23:27:03 OPNsense dhcp6c[22061]: receive advertise from fe80::5a00:bbff:fe09:f8b0%pppoe0 on pppoe0
Apr 20 23:27:03 OPNsense dhcp6c[22061]: get DHCP option client ID, len 14
Apr 20 23:27:03 OPNsense dhcp6c[22061]:   DUID: 00:01:00:01:22:67:cd:3e:00:0c:29:8c:38:00
Apr 20 23:27:03 OPNsense dhcp6c[22061]: get DHCP option server ID, len 26
Apr 20 23:27:03 OPNsense dhcp6c[22061]:   DUID: 00:02:00:00:05:83:35:38:3a:30:30:3a:62:62:3a:30:39:3a:66:66:3a:63:63:00:00:00
Apr 20 23:27:03 OPNsense dhcp6c[22061]: get DHCP option IA_PD, len 41
Apr 20 23:27:03 OPNsense dhcp6c[22061]:   IA_PD: ID=0, T1=1800, T2=2880
Apr 20 23:27:03 OPNsense dhcp6c[22061]: get DHCP option IA_PD prefix, len 25
Apr 20 23:27:03 OPNsense dhcp6c[22061]:   IA_PD prefix: 2001:a61:47b:a400::/56 pltime=3600 vltime=8199546692136082464
Apr 20 23:27:03 OPNsense dhcp6c[22061]: get DHCP option DNS, len 32
Apr 20 23:27:03 OPNsense dhcp6c[22061]: XID mismatch
Apr 20 23:27:03 OPNsense dhcp6c[62386]: Sending Solicit
Apr 20 23:27:03 OPNsense dhcp6c[62386]: set client ID (len 14)
Apr 20 23:27:03 OPNsense dhcp6c[62386]: set elapsed time (len 2)
Apr 20 23:27:03 OPNsense dhcp6c[62386]: set option request (len 4)
Apr 20 23:27:03 OPNsense dhcp6c[62386]: set IA_PD prefix
Apr 20 23:27:03 OPNsense dhcp6c[62386]: set IA_PD
Apr 20 23:27:03 OPNsense dhcp6c[62386]: send solicit to ff02::1:2%pppoe0
Apr 20 23:27:03 OPNsense dhcp6c[62386]: reset a timer on pppoe0, state=SOLICIT, timeo=39, retrans=120360
Apr 20 23:27:03 OPNsense dhcp6c[22061]: receive advertise from fe80::5a00:bbff:fe09:f8b0%pppoe0 on pppoe0
Apr 20 23:27:03 OPNsense dhcp6c[22061]: get DHCP option client ID, len 14
Apr 20 23:27:03 OPNsense dhcp6c[22061]:   DUID: 00:01:00:01:22:67:cd:3e:00:0c:29:8c:38:00
Apr 20 23:27:03 OPNsense dhcp6c[22061]: get DHCP option server ID, len 26
Apr 20 23:27:03 OPNsense dhcp6c[22061]:   DUID: 00:02:00:00:05:83:35:38:3a:30:30:3a:62:62:3a:30:39:3a:66:66:3a:63:63:00:00:00
Apr 20 23:27:03 OPNsense dhcp6c[22061]: get DHCP option IA_PD, len 41
Apr 20 23:27:03 OPNsense dhcp6c[22061]:   IA_PD: ID=0, T1=1800, T2=2880
Apr 20 23:27:03 OPNsense dhcp6c[22061]: get DHCP option IA_PD prefix, len 25
Apr 20 23:27:03 OPNsense dhcp6c[22061]:   IA_PD prefix: 2001:a61:47b:a400::/56 pltime=3600 vltime=8199546692136082464
Apr 20 23:27:03 OPNsense dhcp6c[22061]: get DHCP option DNS, len 32
Apr 20 23:27:03 OPNsense dhcp6c[22061]: XID mismatch
Apr 20 23:27:45 OPNsense dhcp6c[40907]: Sending Solicit
Apr 20 23:27:45 OPNsense dhcp6c[40907]: set client ID (len 14)
Apr 20 23:27:45 OPNsense dhcp6c[40907]: set elapsed time (len 2)
Apr 20 23:27:45 OPNsense dhcp6c[40907]: set option request (len 4)
Apr 20 23:27:45 OPNsense dhcp6c[40907]: set IA_PD prefix
Apr 20 23:27:45 OPNsense dhcp6c[40907]: set IA_PD
Apr 20 23:27:45 OPNsense dhcp6c[40907]: send solicit to ff02::1:2%pppoe0
Apr 20 23:27:45 OPNsense dhcp6c[40907]: reset a timer on pppoe0, state=SOLICIT, timeo=519, retrans=125580
Apr 20 23:27:45 OPNsense dhcp6c[22061]: receive advertise from fe80::5a00:bbff:fe09:f8b0%pppoe0 on pppoe0
Apr 20 23:27:45 OPNsense dhcp6c[22061]: get DHCP option client ID, len 14
Apr 20 23:27:45 OPNsense dhcp6c[22061]:   DUID: 00:01:00:01:22:67:cd:3e:00:0c:29:8c:38:00
Apr 20 23:27:45 OPNsense dhcp6c[22061]: get DHCP option server ID, len 26
Apr 20 23:27:45 OPNsense dhcp6c[22061]:   DUID: 00:02:00:00:05:83:35:38:3a:30:30:3a:62:62:3a:30:39:3a:66:66:3a:63:63:00:00:00
Apr 20 23:27:45 OPNsense dhcp6c[22061]: get DHCP option IA_PD, len 41
Apr 20 23:27:45 OPNsense dhcp6c[22061]:   IA_PD: ID=0, T1=1800, T2=2880
Apr 20 23:27:45 OPNsense dhcp6c[22061]: get DHCP option IA_PD prefix, len 25
Apr 20 23:27:45 OPNsense dhcp6c[22061]:   IA_PD prefix: 2001:a61:47b:b600::/56 pltime=3600 vltime=8199546692136082464
Apr 20 23:27:45 OPNsense dhcp6c[22061]: get DHCP option DNS, len 32
Apr 20 23:27:45 OPNsense dhcp6c[22061]: XID mismatch
Apr 20 23:29:03 OPNsense dhcp6c[61772]: Sending Solicit
Apr 20 23:29:03 OPNsense dhcp6c[61772]: set client ID (len 14)
Apr 20 23:29:03 OPNsense dhcp6c[61772]: set elapsed time (len 2)
Apr 20 23:29:03 OPNsense dhcp6c[61772]: set option request (len 4)
Apr 20 23:29:03 OPNsense dhcp6c[61772]: set IA_PD prefix
Apr 20 23:29:03 OPNsense dhcp6c[61772]: set IA_PD
Apr 20 23:29:03 OPNsense dhcp6c[61772]: send solicit to ff02::1:2%pppoe0
Apr 20 23:29:03 OPNsense dhcp6c[61772]: reset a timer on pppoe0, state=SOLICIT, timeo=40, retrans=129864
Apr 20 23:29:03 OPNsense dhcp6c[22061]: receive advertise from fe80::5a00:bbff:fe09:f8b0%pppoe0 on pppoe0
Apr 20 23:29:03 OPNsense dhcp6c[22061]: get DHCP option client ID, len 14
Apr 20 23:29:03 OPNsense dhcp6c[22061]:   DUID: 00:01:00:01:22:67:cd:3e:00:0c:29:8c:38:00
Apr 20 23:29:03 OPNsense dhcp6c[22061]: get DHCP option server ID, len 26
Apr 20 23:29:03 OPNsense dhcp6c[22061]:   DUID: 00:02:00:00:05:83:35:38:3a:30:30:3a:62:62:3a:30:39:3a:66:66:3a:63:63:00:00:00
Apr 20 23:29:03 OPNsense dhcp6c[22061]: get DHCP option IA_PD, len 41
Apr 20 23:29:03 OPNsense dhcp6c[22061]:   IA_PD: ID=0, T1=1800, T2=2880
Apr 20 23:29:03 OPNsense dhcp6c[22061]: get DHCP option IA_PD prefix, len 25
Apr 20 23:29:03 OPNsense dhcp6c[22061]:   IA_PD prefix: 2001:a61:47b:b600::/56 pltime=3600 vltime=8199546692136082464
Apr 20 23:29:03 OPNsense dhcp6c[22061]: get DHCP option DNS, len 32
Apr 20 23:29:03 OPNsense dhcp6c[22061]: XID mismatch

Edit2:
just now - a few minutes ago - a new ipv6 prefix was propagated to my LAN and LAN-IF. Here is the system log from the relavant time frame. Interestingly "rc.newwanipv6" was just executed before connectivity was restored:

Code: [Select]
Apr 20 22:21:44 OPNsense opnsense: /usr/local/etc/rc.newwanipv6: IP renewal is starting on 'pppoe0'
Apr 20 22:21:44 OPNsense opnsense: /usr/local/etc/rc.newwanipv6: On (IP address: fe80::2c40:3052:ceaf:5446) (interface: MNET[wan]) (real interface: pppoe0).
Apr 20 22:21:46 OPNsense opnsense: /usr/local/etc/rc.newwanip: IP renewal is starting on 'pppoe0'
Apr 20 22:21:46 OPNsense opnsense: /usr/local/etc/rc.newwanip: On (IP address: 93.104.101.XX) (interface: MNET[wan]) (real interface: pppoe0).
Apr 20 22:21:46 OPNsense opnsense: /usr/local/etc/rc.newwanip: Accept router advertisements on interface pppoe0
Apr 20 22:21:47 OPNsense opnsense: /usr/local/etc/rc.newwanip: ROUTING: entering configure using 'wan'
Apr 20 22:21:47 OPNsense opnsense: /usr/local/etc/rc.newwanip: ROUTING: no IPv4 default gateway set, trying wan on 'pppoe0' (82.135.16.28)
Apr 20 22:21:47 OPNsense opnsense: /usr/local/etc/rc.newwanip: ROUTING: no IPv6 default gateway set, trying wan on 'pppoe0' (fe80::5a00:bbff:fe09:f8b0)
Apr 20 22:21:47 OPNsense opnsense: /usr/local/etc/rc.newwanip: ROUTING: setting IPv4 default route to 82.135.16.28
Apr 20 22:21:47 OPNsense opnsense: /usr/local/etc/rc.newwanip: ROUTING: setting IPv6 default route to fe80::5a00:bbff:fe09:f8b0
Apr 20 22:21:48 OPNsense ipsec_starter[79816]: configuration 'con1' unrouted
Apr 20 22:21:48 OPNsense ipsec_starter[79816]:
Apr 20 22:21:48 OPNsense opnsense: /usr/local/etc/rc.newwanip: Resyncing OpenVPN instances for interface MNET.
Apr 20 22:21:48 OPNsense kernel: ovpnc1: link state changed to DOWN
Apr 20 22:21:49 OPNsense ipsec_starter[79816]: 'con1' routed
Apr 20 22:21:49 OPNsense ipsec_starter[79816]:
Apr 20 22:21:52 OPNsense opnsense: /usr/local/etc/rc.newwanip: Dynamic DNS (xxx): No change in my IP address and/or 25 days has not passed. Not updating dynamic DNS entry.
Apr 20 22:21:53 OPNsense kernel: ovpnc1: link state changed to UP
Apr 20 22:21:53 OPNsense opnsense: /usr/local/etc/rc.newwanip: IP renewal is starting on 'ovpnc1'
Apr 20 22:21:53 OPNsense opnsense: /usr/local/etc/rc.newwanip: Interface '' is disabled or empty, nothing to do.
Apr 20 22:32:16 OPNsense opnsense: /index.php: Session timed out for user 'root' from:
Apr 20 22:32:19 OPNsense opnsense: /index.php: Web GUI authentication error for 'root' from
Apr 20 22:32:23 OPNsense opnsense: /index.php: Successful login for user 'root' from:
Apr 20 22:43:18 OPNsense opnsense: user 'root' could not authenticate.
Apr 20 22:43:18 OPNsense sshd[7223]: error: PAM: authentication error for root from
Apr 20 22:43:18 OPNsense sshd[7223]: error: PAM: authentication error for root from
Apr 20 22:43:21 OPNsense opnsense: user 'root' authenticated successfully
Apr 20 22:43:21 OPNsense sshd[7223]: Accepted keyboard-interactive/pam for root from port 49181 ssh2
Apr 20 22:54:35 OPNsense kernel: pid 9128 (apinger), uid 65534: exited on signal 11
Apr 20 23:52:00 OPNsense opnsense: /usr/local/etc/rc.newwanipv6: IP renewal is starting on 'pppoe0'
Apr 20 23:52:00 OPNsense opnsense: /usr/local/etc/rc.newwanipv6: On (IP address: fe80::2c40:3052:ceaf:5446) (interface: MNET[wan]) (real interface: pppoe0).

regards,
Fabian
8
General Discussion / Re: Syslog over TLS
« Last post by erickufrin on April 20, 2018, 10:15:07 pm »
Excellent. thank you for working on/towards this. I will watch for it in 18.7.
9
17.7 Legacy Series / Bridging vlans - 17.7
« Last post by bhawk on April 20, 2018, 08:39:23 pm »
Hello
I would like to get some help regarding a little problem i am facing. I create bridge0 and assign 2 interfaces igb6 and igb7 to it. Connecting 2 systems to these ports and they are able to ping each other (both of 10.10.10.0/24 series for testing).
Next i create vlan_igb5 with parent interface igb5 and vlan_igb6 with parent igb6. Remove parent interfaces from bridge0 and assign vlans created above to the bridge, i can't seem to ping no matter what. Can anyone please guide what is wrong?
P.s: created rules for parents as well as bridge and vlans allowing all traffic.
Also tcpdump shows nothing whatsoever for bridge as well as vlans after being assigned to bridge.
10
18.1 Production Series / NAT / Fake IP / IP rewriting from internal to dmz-vlan
« Last post by SiD67 on April 20, 2018, 07:55:13 pm »
Hi,

I am using OPNSense with a FritzBox as a DSL Modem for WAN connection.
I had connected the Fritzbox to WAN-Side on OPNSense and also connected to my internal LAN network, so I was able to login to the Fritzbox to watch the DSL-Status.

But I don´t want the Fritzbox to "see" my internal network and its devices, so I have created an vlan interface on opnsense and switch etc. for the fritzbox.

I am able to ping the Fritzbox from the vlan interface on my opnsense (interface / diagnostics) but i am not able to access it from my lan. A rule for allowing access from lan to everywhere exists.
Also a ping from my lan to the opnsense adress on the vlan-interface works.
I think the FB is blocking access to it from outside its own network.

So I am trying to implement nat or something to fake the ip accessing the fritzbox, so it looks like its coming from fritzbox internal network.

I tried port forwarding on LAN with a fake-ip to the real-ip but no success so far.

Someone got a solution for me ;)

Sorry for bad english ;)

Regards,

Dennis
Pages: [1] 2 3 ... 10
OPNsense is an OSS project © Deciso B.V. 2015 - 2018 All rights reserved
  • SMF 2.0.15 | SMF © 2017, Simple Machines | XHTML | RSS | WAP2