Yes... I know... Don't run MS PPTP and that is why I am implementing
OpenBSD.
Untill OpenVPN is fully installed on every client, I need to provide access
to PPTP during transition.
I don't know what to use in pf.conf though. I have tried everything that I
find logical.
In sysctl.conf I have
Hi. I am having a project on setting up Samba to work as a replacement for
MS AD.
I would prefer to do it on OpenBSD, but how is the implementation of Samba
on OpenBSD? Is it enhanced in a way that will cause any known problems that
would not be on say... CentOS?
Regards, Lars.
ook
> up direct LDAP access, for example.
>
>
> On Wed, Mar 25, 2020 at 7:48 AM kasak wrote:
>
>>
>> 25.03.2020 02:06, Lars Bonnesen пишет:
>> > Hi. I am having a project on setting up Samba to work as a replacement
>> for
>> > MS AD.
>> >
In earlier obsd versions I have been having success with this in
hostname.vlan703
inet 172.18.11.9 255.255.255.252 NONE vlandev em5 description VLAN703
On an obsd 6.6, I use the vmx device, but the syntax:
inet 172.18.11.9 255.255.255.252 NONE vlandev vmx2 description VLAN703 does
not work as expe
That did it... thanks!
On Wed, Apr 29, 2020 at 10:42 PM Sebastian Benoit
wrote:
> Lars Bonnesen(lars.bonne...@gmail.com) on 2020.04.29 21:58:27 +0200:
> > In earlier obsd versions I have been having success with this in
> > hostname.vlan703
> > inet 172.18.11.9 255.255.255
Is it no longer important to group block/pass in/out for speed optimization?
I see many "modern" pf.conf where everything is mixed more or less randomly
Regards, Lars.
I have been using a combination of Apache, mod_proxy and letsencrypt to set
up different loadbalancing/https offload solution like this:
https://URL1[Apache http_1]
---|
https://URL2 [Apache https, mod_proxy, and letsencrypt] --- [Apache http_2}
---|
I have a physical switch with a number of VLANs and a NIC connected to a
wireless setup. I want to have those two separated except for one
particular VLAN that I want on the physical switch as well as on the APs.
So I have vmx1 connected to the APs and vmx3 to the switch.
Then some vlans that eac
Loff wrote:
> On Tue, Dec 19, 2023 at 09:33:18AM +0100, Lars Bonnesen wrote:
> > I have a physical switch with a number of VLANs and a NIC connected to a
> > wireless setup. I want to have those two separated except for one
> > particular VLAN that I want on the physical sw
Ah, ok... and then you assign the IP address to that vport... thanks...
will try that out later.
On Tue, Dec 19, 2023 at 2:42 PM Zé Loff wrote:
>
> On Tue, Dec 19, 2023 at 02:25:01PM +0100, Lars Bonnesen wrote:
> > That is exactly what I want.
> >
> > Ah, veb... althou
I now have two ISPs
A primary on vmx2 and a backup (4G) on vmx4
Both needs to initiate connection with a dhcp request, so I have:
inet autoconf description Internet
in hostname.vmx2
and
inet autoconf description Internet4Gbackup
in hostname.vmx4
My idea is to have an active/passive setup being a
Setting up an OpenVPN-box in a network with no central user database, and I
would like an extra layer of security than just the certificate.
As I can't use LDAP (unless I install this), I found the auth-pam.pl
script, but using this OpenVPN complains:
Can't locate Authen/PAM.pm in @INC (you may n
Yeah, I agree... any other solution than USB is better for this, but this
is what I have. Startech - they are on the supported hcl list
Running tagged VLANs on top of one of these goes well, but if I create a
trunk against a cisco catalyst switch, I get random USB IOERRORs and
similar.
The trunk
Ok, I am sorry... I found the port openvpn_bsdauth
via-env never worked, but using via-file and tmp-dir, I am now able to auth.
Does a similar solution exist for additional MFA-solutions? Google Auth?
Regards, Lars.
On Mon, Aug 15, 2022 at 7:47 PM Lars Bonnesen
wrote:
> Setting up
sh /etc/netstart sometimes just ends in a hanging network state... I need
to boot from console, and then we are fine again.
Sometimes, I get:
ifconfig: SIOCSIFPARENT: Invalid argument
ifconfig: SIOCAIFADDR: Device not configured
ifconfig: SIOCSIFPARENT: Invalid argument
ifconfig: SIOCAIFADDR: De
We are about to migrate VM's from one datacenter to another and the VMware
L2VPN we are using for this is simply not stable for some reason that we
cannot figure out why.
I have used GRE-tunneling before on a software router that I actually
cannot remember the name of now, but if OpenBSD can do th
Thanks for your replies. It has been Xmas and I have been delayed, but I
have now read up upon it. I am going for the tpmr(4). We are going to
replicate a lot of live data from Site1 to Site2, and my experiences with
OpenVPN is that it is great, but not high performing. So I have established
a Wire
Which 1Gbit USB 3.0A NIC is performing best with obsd 7.2?
I am aware of the hardware list, but I am asking personal experience from
users in here
Regards, Lars.
port on a switch
Can anyone guide me in the right direction, thx?
Regards, Lars.
On Wed, Jan 4, 2023 at 7:24 AM Lars Bonnesen
wrote:
> Thanks for your replies. It has been Xmas and I have been delayed, but I
> have now read up upon it. I am going for the tpmr(4). We are going to
> repli
How many physical NICs can you add to an OpenBSD host (vmx)
I am asking because I am running an OpenBSD on a VMware host but apparently
OpenBSD can only see 8 of them.
Can I raise the limit somehow?
Regards, Lars.
Installed zabbix-agent
but when doing "./zabbix_agentd -d start", I get:
ERROR: value of parameter "TLSConnect" requires support of encrypted
connection with PSK but support for PSK was not compiled in
How do I add support for Preshared key?
Regards, Lars.
What can be done to optimize obsd 7.2 running on top of ESXi 7 with
7 vmx "phys" ifs
3 em "phys" ifs
22 virtual ifs
Very simply pf ruleset - the box is only running VPN solution between two
sites up against a similar configured obsd 7.2
I came across https://calomel.org/network_performance.html
Tue, Feb 14, 2023 at 11:04:57PM +0100, Lars Bonnesen wrote:
>
> > What can be done to optimize obsd 7.2 running on top of ESXi 7 with
> >
> > 7 vmx "phys" ifs
> > 3 em "phys" ifs
> > 22 virtual ifs
> >
> > Very simply pf ruleset - the
wrote:
> On Wed, Feb 15, 2023 at 01:01:10PM -, Stuart Henderson wrote:
> > On 2023-02-15, Lars Bonnesen wrote:
> > > One says:
> > >
> > > # pfctl -s info
> > > Status: Enabled for 0 days 10:56:43 Debug: err
> > >
> > &
I think that I am now hitting a bottleneck somewhere else.
Thanks for the help so far... I might come back thirsty for more later...
(-:
Regards, Lars.
On Wed, Feb 15, 2023 at 4:13 PM Lars Bonnesen
wrote:
> lbo@PLOSLOL2VPN:/etc$ pfctl -s info
> Status: Enabled for 0 days 00
le as possible about packages it
really shouldn't care about.
On Wed, Feb 15, 2023 at 5:52 PM Stuart Henderson
wrote:
> On 2023-02-15, Lars Bonnesen wrote:
> > lbo@PLOSLOL2VPN:/etc$ pfctl -s info
> > Status: Enabled for 0 days 00:06:49 Debug
OpenBSD 6.4
Putty just reports "Authenticating with public key "XXX" from agent" and
then I am disconnected. If I run sshd with -ddd, I get the following
output. I can't seem to get any error, and therefor I can't tell what is
wrong. Anyone has any idea? Thanks
debug2: load_server_config: filena
The NIC hostname file contains:
dhcp
and it configures the nic with a DHCP address and configure mygate
according to this.
Now I need to add an additional static IP on top of this and use the static
IP address gateway address (thus not configuring myname from DHCP)
Can I just add inet x.x.x.x b
I like OpenBSD for it's easiness, straight forwardness and simpleness on
daily usage. Unfortunately with the last releases, I find keeping OpenBSD
up2date between releases to be confusing. Please help me on this one:
Well... I have been quite happy using cvsup to keep my src and ports
up2date, but
Just want to make sure if I get this right.
Patches 007 and 008 (OpenSSL-fix) for 5.4 has been run.
OpenBSD 5.5 install source code patch branch run and compiled.
On both setup I get this:
# openssl version -a
OpenSSL 1.0.1c 10 May 2012
built on: date not available
platform: information not ava
30 matches
Mail list logo