"Recent posts
#21
German - Deutsch / Re: UPnP / PCP Port Mapping Op...
Last post by bamf - December 04, 2025, 09:38:52 PMZweite Frage habe ich wohl beantwortet. Ich konnte von einem anderen Gerät ein Portmapping auf die 192.168.100.20 anlegen, nicht jedoch auf andere Adressen. Die ACL bestimmt also nur, welche Ports auf welchen Geräten geöffnet werden können.
Wie kann ich also das Gerät 192.168.100.20 zum "Master" machen, so dass es Portweiterleitungen auf alle anderen Geräte im Netzwerk anlegen kann?
Wie kann ich also das Gerät 192.168.100.20 zum "Master" machen, so dass es Portweiterleitungen auf alle anderen Geräte im Netzwerk anlegen kann?
#22
25.7, 25.10 Series / Re: OPNsense dies every 24th h...
Last post by TomasL - December 04, 2025, 09:33:35 PMYes I did.
#23
German - Deutsch / UPnP / PCP Port Mapping Option...
Last post by bamf - December 04, 2025, 09:30:03 PMHallo,
mit dem 25.7.9 Update gibt es neue Optionen für das UPnP IGD & PCP Port Mapping.
Erste Frage:
"The access control list (ACL) specifies which IP addresses and ports can be mapped. IPv6 is currently always accepted unless disabled."
Also kann ich hier keine Regel für IPv6 definieren? Ich habe ACLs definiert, damit nur bestimmte Hosts bestimmte Ports öffnen dürfen. Ich muss also IPv6 Mapping komplett deaktivieren, wenn ich nicht möchte, dass irgendwelche Geräte irgendwelche Regeln erstellen dürfen?
Zweite Frage:
"Allow third-party mapping: Allow adding port maps for non-requesting IP addresses."
Bedeutet das, ich lege nun eine ACL an, z.B. "allow 1-65535 192.168.100.20/32 1-65535" und dieses Gerät darf dann Port Mappings auf jede IP-Adresse anlegen? Oder lege ich damit komplett die ACLs lahm?
mit dem 25.7.9 Update gibt es neue Optionen für das UPnP IGD & PCP Port Mapping.
Erste Frage:
"The access control list (ACL) specifies which IP addresses and ports can be mapped. IPv6 is currently always accepted unless disabled."
Also kann ich hier keine Regel für IPv6 definieren? Ich habe ACLs definiert, damit nur bestimmte Hosts bestimmte Ports öffnen dürfen. Ich muss also IPv6 Mapping komplett deaktivieren, wenn ich nicht möchte, dass irgendwelche Geräte irgendwelche Regeln erstellen dürfen?
Zweite Frage:
"Allow third-party mapping: Allow adding port maps for non-requesting IP addresses."
Bedeutet das, ich lege nun eine ACL an, z.B. "allow 1-65535 192.168.100.20/32 1-65535" und dieses Gerät darf dann Port Mappings auf jede IP-Adresse anlegen? Oder lege ich damit komplett die ACLs lahm?
#24
25.7, 25.10 Series / Re: OPNsense dies every 24th h...
Last post by Patrick M. Hausen - December 04, 2025, 09:23:39 PMDid you install the vendor driver plugin for Realtek NICs?
#25
General Discussion / Re: use traffic shaper in fire...
Last post by franco - December 04, 2025, 09:19:42 PMYou're the one who's helping. Thanks!
#26
General Discussion / Re: Please Make a Donation to ...
Last post by franco - December 04, 2025, 09:18:20 PMYay, thank you very much (this reply better late than never) :)
#27
25.7, 25.10 Series / Re: Unbound error
Last post by spraysn - December 04, 2025, 09:17:21 PMThanks alot! Have a nice evening!
#28
25.7, 25.10 Series / Re: Unbound error
Last post by franco - December 04, 2025, 09:15:46 PMThanks, that helps. I think this was introduced in 25.7.8.
We'll fix it, but nothing that needs immediate attention (which I'm trying to look out for on a release day such as today).
Cheers,
Franco
We'll fix it, but nothing that needs immediate attention (which I'm trying to look out for on a release day such as today).
Cheers,
Franco
#29
Hardware and Performance / Re: N150 / N355 good fits?
Last post by OPNenthu - December 04, 2025, 09:13:09 PMI wonder, is it better to have fewer (2x) but higher frequency P-cores vs. 4x or 8x "normal" cores for OPNsense?
How do you feel about their i3/i5/i7 line (VP66xx)? They are not fanless and of course cost more, but idle TDP is 12W (100W max) per the product sheets. Also dual channel, though not sure if that makes a big difference.
Would you still take the VP2440 over a VP6650 if price were the same?
Quote from: dirtyfreebooter on November 28, 2025, 04:09:43 AMif zenarmor had decent multi-core processing, a N150 would maybe do 10g, a N305/N355 almost certainly.
Quote from: dirtyfreebooter on November 28, 2025, 04:09:43 AMi wish protectli had an N355 version
How do you feel about their i3/i5/i7 line (VP66xx)? They are not fanless and of course cost more, but idle TDP is 12W (100W max) per the product sheets. Also dual channel, though not sure if that makes a big difference.
Would you still take the VP2440 over a VP6650 if price were the same?
#30
High availability / Re: Packet loss on HA backup f...
Last post by Monviech (Cedrik) - December 04, 2025, 08:59:27 PMCheck the CAM tables of your switches, most likely there is some MAC address learning issue at play.
Follow the troubleshooting guide:
https://docs.opnsense.org/manual/how-tos/carp.html#troubleshooting
Follow the troubleshooting guide:
https://docs.opnsense.org/manual/how-tos/carp.html#troubleshooting
