Welcome, Guest. Please login or register.

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - tuaris

Pages: [1]
1
General Questions / Setting up for Local Development
« on: June 08, 2019, 07:45:50 PM »
Is there documentation on how to setup your local environment for development?  I've recently become more interested t1n1wall after having tried OPNSense for a year after migrating from m0n0wall.   

I'd like to try to see if I can upgrade the PHP version to 7.3 and maybe integrate two missing pieces that would make this an ideal firewall appliance.  Those two piecing being the DHCP service patch I submitted and https://www.freshports.org/net/miniupnpd/.

2
Code: [Select]
Version 2.11.1b149 built on Mon Sep 10 00:28:35 IST 2018
Platform Generic PC (serial console)
Architecture i386

3
VPN / PPTP VPN Not Accepting conections and L2TP Breaks Site-to-Site
« on: June 06, 2019, 07:45:13 PM »
I'm migrating from M0n0wall, I manually rebuilt my config page by page to sort of start "fresh".  PPTP was working fine in m0n0wall.

For t1n1wall, enabling the PPTP VPN appears to work according to the logs:

Code: [Select]
Jun  6 14:38:17 <daemon.info> stargate mpd: Multi-link PPP daemon for FreeBSD
Jun  6 14:38:17 <daemon.info> stargate mpd:
Jun  6 14:38:17 <daemon.info> stargate mpd: process 1605 started, version 5.8 ([email protected] 00:31 10-Sep-2018)
Jun  6 14:38:17 <daemon.info> stargate mpd: PPTP: waiting for connection on 0.0.0.0 1723

But attempting to connect from a client just times out.  Nothing is logged on the t1n1wall side.

So then I attempt L2TP/IPsec (since you have that option).  It works, very nicely except that when it's enabled, my site-to-site IPSec tunnels break with:

Code: [Select]
ERROR: phase2 negotiation failed due to time up waiting for phase1
INFO: request for establishing IPsec-SA was queued due to no phase1 found

Turning off L2TP re-enabled my site-site tunnels.

4
I'd like to see fields to override the default gateway that is given out to clients in the DHCP pool.   I created this patch: https://sourceforge.net/p/t1n1wall/bugs/35/

5
I've been a long time m0n0wall user and have tried the 'modern' alternative 'sense's.  They have their use and place, (one more than the other  ;D ). 

I do miss the leanness and simplicity offered by m0n0wall and think both t1n1wall and smallwall are good continuations.  However you would do better to combine your efforts and have a single project.  I would be glad to sponsor some development of features I'd like to see (while keeping it light weight).

Really the only addition's I'm looking for is to bring over some additional configuration fields/options for the DHCP server for reservations, and have the phase 2 components of IPsec separated out from the phase 1 so that a phase 1 can have multiple phase 2's.

Pages: [1]