Weird behaviour with OpnSense

[boomix]

I am running into really odd issue.

Background:
I am running community version OPNsense 24.1.10_8-amd64 on Dell Intel i3 10K, with 8 GB of ram and an SSD HDD. It is using integrated network card and I've added another one so it can function as a firewall machine.

I have enabled WireGuard for VPN and that works great even though I had somehow two users using same VPN IP but that has been found and fixed.

There are a few servers and I also have ProxMox server behind the OpnSense with Ubuntu Server VM.


This is where problems start.

When I try to compile a program that has to pull down an image or download anything that is bigger than 100mb I get into 1/2 dead connectivity.

What happens is that all communications cease so if I had remote desktop to a windows server that connection will drop and I can't reconnect, I can't establish any new SSH connections nor RDP sessions or see server shares I could.

However I am still able to view the OpnSense interface and if I issue reboot command from there everything goes back to normal.

We have 100mbit dedicated connection so that's not an issue. I suspect machine I'm using is the culprit. Any suggestions?

[Greg_E]

I would probably try upgrading to the latest version which is 24.7.xxx

That said, I'm not doing any of the things you are doing, and I'm running Business which is "behind" the current version.

Make sure to back up your config, and make sure you have have an image of the older versions so you can get back if things go bad.

[boomix]

I will try the upgrade path but I may have confirmed that there is at least an interaction between ProxMox server hosting the VM and the OpnSense firewall.

I configured my ProxMox to run over old GW which runs over now defunct firewall (Fortigate E60) and I didn't experience any of the issues associated when I send it over OpnSense IP address.

I'll try upgrade path tonight.

Thanks.

[newsense]

Crowdsec running ? If yes turn it off and see if the issues persist.

[boomix]

Crowdsec isn't installed. I wonder if it is hardware on this computer.

[boomix]

Well it just failed when I tried to send 1.6 GB file over fiber using SCP. I do have  IDS enabled I wonder if I have misconfigured or if it is too aggressive for the machine running the OpnSense?