Ipsec with NAT on phase 2
Hello everyone I maintain some ipsec gateway using isakmpd on OpenBSD no problem at all, but i need to setup a new one but now with NAT on phase 2 , is this possible with iked or isakmpd ? Best Regards Dante
ACPIDUMP taking a long time to run
Hello everyone I did a fresh install of obsd 6.2 (stock kernel) on a machine which was running obsd 5.7 , this machine is an old Dell poweredge T110 but now after install the newer OS it's taking a lot more time to boot, during the boot process everything are ok until rc invoke acpidump which takes a lot time to run and is returning the message "RDST entry 6 is corrupted" , if you run this command manually it returns same message and commenting out the related lines on /etc/rc the machine boots normally, i also tried to get info from one of the files generated by acpidump called RSDT.0 using the acpica utils and generated a file containing the text below. Any ideas ? Regards and Happy 2018 Dante F. B. Colò /* * Intel ACPI Component Architecture * AML/ASL+ Disassembler version 20170303 (64-bit version) * Copyright (c) 2000 - 2017 Intel Corporation * * Disassembly of /var/db/acpi/RSDT.0, Tue Jan 2 14:40:47 2018 * * ACPI Data Table [RSDT] * * Format: [HexOffset DecimalOffset ByteLength] FieldName : FieldValue */ [000h 4] Signature : "RSDT" [Root System Description Table] [004h 0004 4] Table Length : 0050 [008h 0008 1] Revision : 01 [009h 0009 1] Checksum : 9A [00Ah 0010 6] Oem ID : "DELL " [010h 0016 8] Oem Table ID : "PE_SC3 " [018h 0024 4] Oem Revision : 0001 [01Ch 0028 4] Asl Compiler ID : "DELL" [020h 0032 4] Asl Compiler Revision : 0001 [024h 0036 4] ACPI Table Address 0 : 000F202C [028h 0040 4] ACPI Table Address 1 : 000F2194 [02Ch 0044 4] ACPI Table Address 2 : 000F2213 [030h 0048 4] ACPI Table Address 3 : 000F2263 [034h 0052 4] ACPI Table Address 4 : 000F229B [038h 0056 4] ACPI Table Address 5 : 000F22D7 [03Ch 0060 4] ACPI Table Address 6 : [040h 0064 4] ACPI Table Address 7 : [044h 0068 4] ACPI Table Address 8 : [048h 0072 4] ACPI Table Address 9 : [04Ch 0076 4] ACPI Table Address 10 : 000F2459 Raw Table Data: Length 80 (0x50) : 52 53 44 54 50 00 00 00 01 9A 44 45 4C 4C 20 20 // RSDTP.DELL 0010: 50 45 5F 53 43 33 20 20 01 00 00 00 44 45 4C 4C // PE_SC3 DELL 0020: 01 00 00 00 2C 20 0F 00 94 21 0F 00 13 22 0F 00 // , ...!...".. 0030: 63 22 0F 00 9B 22 0F 00 D7 22 0F 00 00 00 00 00 // c"..."...".. 0040: 00 00 00 00 00 00 00 00 00 00 00 00 59 24 0F 00 // Y$..
Octeon/MIPS64 SMP Support
Hi I'm think about get a Ubiquiti Edgerouter box and drop openbsd there. I read the instalation file and was not clear to me if the current MIPS/Octeon kernel implementation supports SMP or not , does it support ? Regards Dante F. B. Colò
Re: Remote LAN access from local IPSec Gateway
Hi Rosen It`s working now, many thanks !! On 3/28/17 3:48 PM, Rosen Iliev wrote: Hi Dante, It was an dirty hack if I recall, you'll need an static route to destination network to the LAN:Address. Regards, Rosen Dante F. B. Colò wrote on 3/28/2017 11:52 AM: Hi everyone, i configured an ipsec network using isakmpd on both sides, access between local networks are ok except from the gateways theirselves , is it accomplishable ? Regards Dante F. B. Colò
Remote LAN access from local IPSec Gateway
Hi everyone, i configured an ipsec network using isakmpd on both sides, access between local networks are ok except from the gateways theirselves , is it accomplishable ? Regards Dante F. B. Colò
Redudant gateways
Hello, I've added a second ISP link on a firewall , what i need is make both redudant but without load balancing like equal multipath, i just need that the second link assume only if the other fails , i already did this with some rudimentary cron scripts, is there a better way to do this ? Regards Dante
PPPOE issue
Greetings I already posted this question here but i think i didn't explain very well, i have a issue in a openbsd 5.7 (tried also 5.6 and 5.5 same thing) with pppoe internet broadband connection , when i start the pppoe0 interface the connection does not estabilish and shows the message below repeatdly ,how can i troubleshoot this , does anyone here have any idea ? pppoe0: host unique tag found , but it belongs to a connection in state 3 pppoe: received PADO but could not find request for it Best Regards Dante F. B. Colò
PPPOE connection problem
Hello everyone, I configured a PPPOE connection on a openbsd machine, the connection drops after some time and the message below appears in /var/log/message , any suggestions ? pppoe0: host unique tag found , but it belongs to a connection in state 3 pppoe: received PADO but could not find request for it
Re: Static routing question
Hi
This is a part of the output containing the static routes related to
*bnx0* , *bnx1 *, i was trying to make a static route for the
189.92.72.11 pointing to *bnx1* but without success, is it possible ?
below the routes is the output of ifconfig these interfaces, i'm gonna
try a bridge also. Thank all of you for the responses.
Regards
Dante F. B. Colò
default189.92.72.9UGS 5746 674637542 - 8 bnx0
189.92.72.8/29 link#5 UC 30 - 4 bnx0
189.92.72.9f4:0f:1b:20:4b:20 UHLc 10 - 4 bnx0
189.92.72.10 00:10:18:9d:31:84 UHLc 0 42 - 4 lo0
189.92.72.11 link#5 UHLc 01 - 4 bnx0
204.31.112/24 link#2 C 00 - 4 bge1
204.31.112.24/29 link#2 C 10 - 4 bge1
204.31.112.26 00:25:64:3c:de:76 UHLc 0 34 - 4 lo0
224/4 127.0.0.1 URS00 33200 8 lo0
bnx1: flags=28843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,NOINET6 mtu 1500
lladdr 00:10:18:9d:31:86
priority: 0
media: Ethernet autoselect (1000baseT full-duplex)
status: active
inet 189.92.72.11 netmask 0xfff8 broadcast 189.92.72.15
bnx0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1400
lladdr 00:10:18:9d:31:84
priority: 0
groups: egress
media: Ethernet autoselect (1000baseT full-duplex)
status: active
inet6 fe80::210:18ff:fe9d:3184%bnx0 prefixlen 64 scopeid 0x5
inet 189.92.72.10 netmask 0xfff8 broadcast 189.92.72.15
On 11/7/14 4:18 AM, rjc wrote:
On Thu, Nov 06, 2014 at 04:12:20PM EST, Dante F. B. Colò wrote:
Hello everyone
Hi Dante,
I'm trying to setup some static routes on a openbsd 4.9 box for some
public addresses , the machine has two ethernet cards *bnx0 ***and *bnx1
***, *bnx0* is attached to a Cisco internet router and *bnx1*** is
connected to a switch, both interfaces have public addresses of the
same range , *bnx1 *appears has absolutely no communication , i took a
look at the static routes and there is a route for the subnet that it
goes to *bnx0* , i'm trying to add a static route for the ip address
pointing to the***bnx1 *without pass gateway using *-iface* parameter
but always returns Network unreachble, someone can help me or give
some tips to fix this ? for many here this is probably a nooby question,
we also have some firewall Linux boxes that i'm gonna migrate to openbsd
but first i have to solve this.
First and foremost, if you ask any questions regarding networking, you
should include the content of:
/etc/hostname.bnx{0,1}
/etc/mygate # if it exists and you're not using DHCP
Please also include the output of:
router show
and any commands exactly as you enter them.
That would be a good place to start - BTW, this information should have
been included in the first email.
Regards,
rjc
P.S. 4.9? Isn't it time to upgrade? ;^)
Static routing question
Hello everyone I'm trying to setup some static routes on a openbsd 4.9 box for some public addresses , the machine has two ethernet cards *bnx0 ***and *bnx1 ***, *bnx0* is attached to a Cisco internet router and *bnx1*** is connected to a switch, both interfaces have public addresses of the same range , *bnx1 *appears has absolutely no communication , i took a look at the static routes and there is a route for the subnet that it goes to *bnx0* , i'm trying to add a static route for the ip address pointing to the***bnx1 *without pass gateway using *-iface* parameter but always returns Network unreachble, someone can help me or give some tips to fix this ? for many here this is probably a nooby question, we also have some firewall Linux boxes that i'm gonna migrate to openbsd but first i have to solve this. Best Regards Dante F. B. Colò
