Welcome, Guest. Please login or register.
Forums

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - huub

Pages: [1]
1
Installation / Re: DNS/DHCP problems
« on: January 17, 2016, 05:41:30 PM »
Works like it should  8)

2
Installation / Re: DNS/DHCP problems
« on: January 17, 2016, 03:14:55 PM »
Code: [Select]
$ cat / var/ etc/ dnsmasq/ dhcpd.conf
dhcp-option=option:domain-name, "local"
dhcp-authoritative
dhcp-leasefile=/ var/ db/ dnsmasq.dhcpd.leases
dhcp-range=set:lan,192.168.10.128,192.168.10.191
 dhcp-option=tag:lan,option:dns-server,192.168.20.100
 dhcp-option=tag:lan,option:router,192.168.10.1
 dhcp-option=tag:lan,option:netbios-ns,192.168.10.100
        dhcp-option=tag:lan,option:netbios-nodetype,8
dhcp-range=set:lan,192.168.30.128,192.168.30.191
 dhcp-option=tag:opt2,option:dns-server,192.168.20.100
 dhcp-option=tag:opt2,option:router,192.168.30.1
 dhcp-option=tag:opt2,option:netbios-ns,192.168.10.100
        dhcp-option=tag:opt2,option:netbios-nodetype,8

This information shows the correct gateways for each subnet...
The range set seems weird to me (both lan).

3
Installation / Re: DNS/DHCP problems
« on: January 17, 2016, 03:09:51 PM »
Spaces inserted where necessary
Code: [Select]
$ cat / var/ etc/ dnsmasq/ dnsmasq.conf
edns-packet-max=4096
log-facility=local7
except-interface=ngwan0

4
Installation / SOLVED DNS/DHCP problems
« on: January 17, 2016, 12:57:15 PM »
I think I ran into some DHCP problems.

My router looks like:
LAN vr0 192.168.10.1
WAN vlan on vr2 DHCP
OPT1 vlan on vr1 192.168.20.1 (DWZ)
OPT2 vlan on vr1 192.168.30.1

The DHCP server is active on LAN and OPT2.
On the LAN most pc's run with a fixed IP-address.
In the DMZ I have a DNS.
On OPT2 however it seems the pc's does cannot find the DNS, I suspect a wrong route (gw 192.168.10.1 instead of 192.168.30.1).

Do you have any suggestions how I can check if the router supplied is correct?
For my phone I have a hard time using fixed IP-settings.

I would rather check this in the router since it saves me the trouble of searching through different interfaces for each device.

PS the dirty workaround is using NAT on the Wifi router at the OPT2 network. Currently it works, but 2x NAT is not optimal. However it proves the problem is in the DHCP data.

5
Installation / Re: Problems with embedded installation
« on: January 16, 2016, 11:54:57 PM »
OK, this image seems to work (generic-pc-serial-1.10.2b90.img).
I tested the basic functionality and am currently busy filling in the firewall rules for IPv4 to begin with.

Thanks for your fast reply :-)

6
Installation / Re: Problems with embedded installation
« on: January 16, 2016, 02:20:04 PM »
My router looks like:
LAN vr0 192.168.10.1
WAN vlan on vr2 DHCP
OPT1 vlan on vr1 192.168.20.1
OPT2 vlan on vr1 192.168.30.1

What I tried:
starting the last image of t1n1wall (version 1.10.2b89)
changing the IP-address from the LAN, OK
changing the webgui to https, OK
adding vlans, OK
adding OPT1 and OPT2, OK
activating OPT1 and assigning an IP-address, FAIL

The router fails like the network becomes unreachable on all interfaces!
both workstation->router and router -> workstation (ping from serial console).

I can mail you the startup log including the 0.99m BIOS from the ALIX. After 3 attempts I'm not going to try to post it here again.
One minor annoyance is a long timeout druing the boot at "ada0: Previously was known as ad0", which gets more annoying with each reboot and factory reset.

Unfortunately the 1.10 image is not useable for my router. I'm back to 1.8.

7
Installation / Re: Problems with embedded installation
« on: December 29, 2015, 08:36:31 AM »
I followed the link. The 1.10 image stops with uhub1 like the other alix.

Below messages are from the startup-messages indicate the ACPI is a problem:
ACPI BIOS Error (bug): A valid RSDP was not found (20150515/tbxfroot-258)       
ACPI: Table initialisation failed: AE_NOT_FOUND                                 
ACPI: Try disabling either ACPI or apic support.

As for the system (an alix 2d3):
PC Engines ALIX.2 v0.99h
640 KB Base Memory
261120 KB Extended Memory

I see there is an v0.99m available at the pc-engines site, but the updates do not mention any ACPI fixes (unless the ifdef fixes):
- Add support for SST49LF080 flash.
- Add support for TPM module on LPC bus.
- Fixed COM2 output enable.
- Add quick memory test option to setup (this also skips timer / RTC test, which can take up to one second).
- Attack overgrown ifdefs with a machete.
- Fix PCI bridge enumeration.
- Remove MFGPT workaround.
- Enable ROM access FExx'xxxx .. , make it read / write to allow TPM access.

I'll try to find some time to update.
I also saw some ATA errors. The old CF-card I used might be EOL, and I do like using a spare CF to be able to restore fast.
To be continued...

One other question a little off-topic:
I tried using pfsense to test some settings for ipv6 since I had a tutorial for IPv6 based on pfsense (using pfsense is not an option for me).
Are there known issues with IPv6 and DHCP-PD with t1n1wall version 1.8? (An answer yes or no would here be sufficient)

I tried configuring that with t1n1wall 1.8 and at one point got a valid address only to forget it after some time.
Never got a working IPv6 connection though. The IPv6 issues can wait until after I upgrade to 1.10.

8
Installation / Re: Problems with embedded installation
« on: December 25, 2015, 12:59:34 PM »
Finally been able to test.
Tested generic-pc-1.10b75.img and generic-pc-serlial-1.10b76.img.

A ping to 192.168.1.1 is not working and there is no response on web access on port 192.168.1.1.
Having no installation manual makes me wonder if I'm doing something wrong.
Not seeing what's happening is not encouraging.

Changing the old 32MB CF-card to a newer 2GB card with generic-pc-serlial-1.10b76.img did not change anything.

9
Installation / Re: Problems with embedded installation
« on: December 09, 2015, 10:27:24 PM »
I'll try to test later, but that probably won't be before X-mas.

For configuration perhaps 169.254.1.1 might be an option instead of 192.168.1.1 (link-local address, perhaps with an option to disable it when all configuration has been done).

The first installation I tried from t1n1wall was 1.10, but I did not see how to get it working. The only reason to try 1.8 again.

As for the VPN, I think it is a IPsec connection similar to the one used in m0n0wall/t1n1wall, but the other side is a Linux-based router.
Again, I need some time to test which I don't have currently. I did read on this forum that VPN's do work better with 1.10 therefore I was hoping to install 1.10 before trying to get the VPN to work.

Currently my shortlists contains:
- getting 1.10 to work
- getting HTTPS to work for the configuration
- getting the VPN to work
And probably in this order...

10
Installation / SOLVED Problems with embedded installation
« on: December 07, 2015, 07:05:32 PM »
I used m0n0wall for years and earlier this year switched to t1n1wall.
What I am missing is an installation manual.

I used the m0n0wall recipe, but that got me only so far.
The recipe I refer to:
Quote
Installation on an embedded PC requires the following steps:

    download the raw CF image (generic-pc-serial)
    write the image to a CF card (>= 32 MB), either with dd under FreeBSD/Linux or under Windows with physdiskwrite
        FreeBSD:
        gzcat generic-pc-serial-xxx.img | dd of=/dev/rad[n] bs=16k
        where n = the ad device number of your CF card (check dmesg)
        (ignore the warning about trailing garbage - it's because of the digital signature)
        Linux:
        gunzip -c generic-pc-serial-xxx.img | dd of=/dev/hdX bs=16k
        where X = the IDE device name of your CF card (check with hdparm -i /dev/hdX) - some adapters, particularly USB, may show up under SCSI emulation as /dev/sdX
        (ignore the warning about trailing garbage - it's because of the digital signature)
        Mac OS X:
        gzcat generic-pc-serial-xxx.img | sudo dd of=/dev/rdisk[n] bs=64k
        where n = the disk device number of your CF card (check Disk Utility)
        (ignore the warning about trailing garbage - it's because of the digital signature)
        Windows:
        physdiskwrite generic-pc-serial-xxx.img
    plug the CF card into the board
    plug the box into the network (LAN/WAN/...)
    power it up
    make sure that your console speed matches the setting in the BIOS; m0n0wall will use the same speed as the BIOS
    assign functions (LAN/WAN/OPT) to your interfaces
    change the LAN IP address over the serial console, or use the default (192.168.1.1; m0n0wall acts as a DHCP server by default)
    access the webGUI (user: 'admin', default password: 'mono')
    make the necessary changes to the default configuration
With the 1.8 version this mostly works, until I try to change the webgui to HTTPS with a diffferent port number. Then I get locked out.
This means that a restore of my old backup does not work. It's a nagging problem but I can work around it.

I ran into problems with the VPN as well, elsewhere on this forum I found that that problem could be caused by the 1.8.x firmware. By switching to 1.10bX I should be able to get a working VPN. Here the trouble begins.

After a clean install I get a prompt on the serial console for 1.8, but not for 1.10. Is there a fix for that behaviour?
Editing the image is unfortunately not an option since I don't have a native FreeBSD system. Therefore I can't change the configuration on the image.
I use an old PC Engines ALIX system (embedded pc, with a serial console for installation).

Pages: [1]