Sensei on OPNsense - Application based filtering

[mb]

Hi GreenMatter,

This is being done for Mongodb. Elasticsearch will be next for 1.7. Thanks for the suggestion.

[GreenMatter]

This is being done for Mongodb. Elasticsearch will be next for 1.7. Thanks for the suggestion.

Thanks @mb.
Thus which DB is recommended?

[mb]

We recommend Elasticsearch once there are hardware resources.

Index checks were implemented for Mongodb since we were reported more index problems for Mongodb than for Elasticsearch.

[SoWhat!]

Hi folks,

I've been searched the whole forum, but I cannot find an post fit's to my "problem".

I bought a Home License to run different Policies for my kids and our devices, which isn't possible with the Free License. So I configured the Default Policy with the most restrictive settings which works fine and without any issues. So far so good. A new Policy was configured with less restrictions and I configured the IP address of my PC, but it doesn't work.

When I configure the IP address of my PC under Configuration in Exempted VLANs & Networks section, Sensei ignores my Requests and everything that is denied in the Default Policy is accessible.

My OPNsense is Version 20.7.5 running as VM on vSphere assigned 3 vCPUs (i5-4590T CPU @ 2.00GHz) and 6GB vRAM. My main network is LAN and WiFi on VLAN1, which is untagged on interface em0. IDS/IPS is currently disabled, so there should no issues happened with that.

Does somebody have an idea what I did wrong?

Thanks & Cheers,
Stefan

[sy]

Hi Stefan,

Policies work with and condition. So if you select any option except IP, It has to match all conditions then apply the policy. Can you share your policy configuration?

[SoWhat!]

Hi sy,

There is nothing else configured execpt the IP address.

I also tried only with one IP as well, but no success.

Cheers,
Stefan

[sy]

Hi,

So your sessions match the test policy on Reports - Connection - Live Session Explorer? Please check the policy column.

[SoWhat!]

Hi sy,

No, it doesn't. Just the Default Policy match.

Cheers
Stefan

[sy]

Hi,

Can you send a Bug report from the upper right corner of Sensei GUI? Please select all checkboxes.

[SoWhat!]

Hi sy,

The Bug report is on the way.

The GUI didn't acceppt .info TLD, this schould be fixed als well. 

Thank's and Cheers,
Stefan

[sy]

Hi,

Thanks, got it. I will get back on ticket.

[Julien]

we have users reporting issue its blocks website when they visit them for the first time.
how to fix this ?

[sy]

Hi Julien,

I guess your firstly seen site block feature is on in Security rules. You can add the sites to the whitelist (Web Controls - Auto Whitelist) or request categorization (https://www.sunnyvalley.io/site-classification/) or disable that feature.

[marshalleq]

Deleted my post and moving to a separate topic

[flushell]

Made separte topic. My bad, thought this was the only thread.