Opnsense doesnt seem to work

Started by IvanBliminse, June 05, 2020, 01:42:28 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
June 05, 2020, 01:42:28 PM
Hey guys, I set up opnsense correctly and I am using clamav plugin to detect malicious threats. When I look at the logs, no WAN traffic seems to pass through opnsense, and clamav doesnt work either when I goto eicar's website. The issue I think is that opnsense is not getting any traffic from the wifi devices on my network, do i need to somehow setup my router to route all traffic through opnsense firewall? When I launch the vm, it can ping hostnames correctly too, and it can ping devices on my network too. Yet I don't know if the firewall is working?? I am a complete beginner btw.
June 05, 2020, 02:28:03 PM #1
Hey there,

you should describe your network setup more detailed to get some help...
How are clients and WAN connected to opensense? Is your 2nd router the WAN modem?
Where are wifi devices connected to?

What logs did you look at to think there is no traffic to pass through? Firewall logs?
Maybe default allow is not set to be logged?

Clamav will not check traffic until you setup a proxy. Did you?
i am not an expert... just trying to help...
June 06, 2020, 02:27:34 AM #2
Quote from: tiermutter on June 05, 2020, 02:28:03 PM
Hey there,

you should describe your network setup more detailed to get some help...
How are clients and WAN connected to opensense? Is your 2nd router the WAN modem?
Where are wifi devices connected to?

What logs did you look at to think there is no traffic to pass through? Firewall logs?
Maybe default allow is not set to be logged?

Clamav will not check traffic until you setup a proxy. Did you?

Hold on...I need to enable web proxy before clamav will be used? If yes I did not know this. I don't believe the doc explains this clearly. If I setup transparent http proxy will clamav be engaged? Do I need icap at that point?
June 06, 2020, 10:41:28 AM #3
Quote from: spetrillo on June 06, 2020, 02:27:34 AM
Hold on...I need to enable web proxy before clamav will be used? If yes I did not know this. I don't believe the doc explains this clearly. If I setup transparent http proxy will clamav be engaged? Do I need icap at that point?

Yes, you need to setup web proxy and cache. But everything is explained in this doc:
https://docs.opnsense.org/manual/how-tos/proxyicapantivirusinternal.html
i am not an expert... just trying to help...
Print
Go Up Pages1
User actions