OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Recent Posts

Recent Posts

Pages: [1] 2 3 ... 10
1
Virtual private networks / openvpn - need help to change IPv4 Tunnel Network
« Last post by jojothehumanmonkey on Today at 08:05:25 pm »
hello and thanks,

i have to connect to another openvpn server that uses.

Code: [Select]
IPv4 Address. . . . . . . . . . . : 10.10.0.21(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . : 10.10.0.1

my opnsense router for the openvpn connection uses
Code: [Select]
IPv4 Tunnel Network 10.10.0.0/24

so i need to change the setting for opnsense but not sure what to change it without locking myself out of the router.
would this work?
Code: [Select]
10.11.0.0/24
and if i make that change, do i need to re-export all the client config files?

thanks so much,
2
21.1 Production Series / 21.1.5- After Update VPN States Stuck
« Last post by onibr on Today at 07:43:58 pm »
Good Afternoon,

I'm new to the forum and I'm using Opensense at home done the update to the latest version 21.1.5 last saturday.
Now i'm having issues to connect two clients that are behind the firewall to the same VPN server.
Let me explain better, I have to use two devices to work as I dont have enough screens, so I use 1 laptop and 1 desktop.
The laptop is connected via Wifi and the desktop is connected via ethernet and they are both behind the Opensense firewall.
Opensense handles the public IP ( ISP Router in Modem Mode ).
Before the update i was able to connect both devices to my work VPN without any issues.
After this update I'm only able to connect one of the devices, I already checked with work sysadmin and network team and there is nothing restricting my connection or the number of devices that can connect to their VPN server.The server uses PPTP.
If I connect my laptop to the VPN, I cannot connect the desktop to the VPN, it gets connection timeout.
To connect the other device to the VPN i need to disconnect the previous one, go to the Opensense-> diagnostics -> States Dump -> Filter by the VPN IP and kill all the states.
Looking at the states dump after I tried to connect both devices ( while one is already connected ) I can see that some states show NO_TRAFFIC.
The states that show NO_TRAFFIC are related to the device that cannot connect to the VPN.

Seems that somehow they are getting stuck, they are both seem to be trying to reach the VPN server on port 1723 and using GRE.
I dont know why this is happening or why those are getting stuck.
Please let me know if you need any logs.
3
21.1 Production Series / Re: 21.1.5 Suricata broken (NIC issue)
« Last post by binaryanomaly on Today at 07:38:25 pm »
I think I found the hyperscan issue. Although I can't tell for sure cos I'm using a different NIC now I'm pretty sure it has the same root cause:

Proxomox by default suggests the kvm64 cpu type. This seems a generic cpu type optimized for compatibility and portability that lacks many modern instructions and optimisations.

As soon as I changed cpu type to "host" hyperscan started working. Hope this might help once somebody else.
4
German - Deutsch / Re: Probleme mit NTP + kein IPv6-Präfix
« Last post by psychofaktory on Today at 07:07:15 pm »
Mir ist eben aufgefallen dass der Fehler seit Thread-Erstellung eben wieder aufgetreten ist.

im ntpd-Protokoll steht folgendes:
Code: [Select]
2021-05-12T19:00:03 ntpd[71141] receive: Unexpected origin timestamp 0xe4468813.3c7638f4 does not match aorg 0000000000.00000000 from server@2001:638:a000:1123:123::2 xmt 0xe4468813.6915f562
Code: [Select]
2021-05-12T18:59:56 ntpd[71141] kernel reports TIME_ERROR: 0x4041: Clock Unsynchronized
Außerdem ist mir unter "Schnittstellen" -> "Überblick" bei der WAN-Schnittstelle aufgefallen, dass dort kein vom Provider zugewiesener IPv6-Präfix mehr angezeigt wird.
Ich habe die PPPoE-Verbindung nochmal neu laden lassen, aber erhalte dennoch keinen Präfix mehr.
Das finde ich auch etwas merkwürdig.

Provider ist die Deutsche Telekom; mein Tarif ist Magenta Zuhause L (VDSL100); als Modem wird ein Draytek Vigor 166 im Bridge-Modus eingesetzt. PPPoE-Einwahl und VLAN7-tagging übernimmst die OPNsense.


Was stimmt hier nicht?
5
21.1 Production Series / Re: Slow Download, Fast Upload
« Last post by marcquark on Today at 06:35:46 pm »
Raise it as an issue on Github, the Core team is usually open to pulling in bugfixes like that
6
21.1 Production Series / Re: Unable to start DHCP6 after reboot. 21.1.5
« Last post by JamesFrisch on Today at 06:35:41 pm »
It seems to be an issue with the new core CISCO switches from my ISP.
7
21.1 Production Series / Re: Slow Download, Fast Upload
« Last post by joshland on Today at 06:24:23 pm »
..... yeah, Unless someone ports the patches to the Hardened Kernel, that ain't going to happen.

I am going to check out IPFire for the moment.
8
German - Deutsch / Re: Bestes LTE / 5G Modul für nur Funk Anbindung
« Last post by mimugmail on Today at 06:01:51 pm »
Ich hätte gesagt Huawei, aber die werden bei 5G ja blockiert. Leider keine Erfahrungswerte meinerseits
9
German - Deutsch / Re: CARP auf Hyper-V Server mit NIC Teaming
« Last post by BlueCasket on Today at 06:00:37 pm »
Hallo liceo,

aller-aller besten Dank für diesen wirklich wertvollen Hinweis. Wir hatten exakt das gleiche Problem und das ist die Lösung!
Ohne den Post hätten wir noch sehr lange suchen können! Perfekt!! Danke!!!
10
21.1 Production Series / Re: Upgrade from 19.1.7 to 21.1
« Last post by Smack2k on Today at 05:51:09 pm »
My apologies for not responding sooner, but thank you very much for the information.  I appreciate it.

Going to go through the upgrades this weekend.

If I backup my config on 19.1.7, can I restore that config to 21.1 install?
Pages: [1] 2 3 ... 10
OPNsense is an OSS project © Deciso B.V. 2015 - 2021 All rights reserved
  • SMF 2.0.18 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2