Hi
I'm trying to get OPNsense to work as an "internal" firewall between our test environments and production, so it ends up with no WAN interface.
My primary problem is that I can't fetch updates, I've tried with proxy and without proxy but the result is the same "Connection Error". Then I added a WAN port (still behind the corporate firewall) but update still fails.
I can see (on the external firewall) it is connecting successfully to mail.opnsense.org on port 80.
Regards
Maciej
Hi Maciej,
The work for 16.7 will include firmware improvements that will support custom/internal mirrors directly manageable via the GUI, but you can already set this up manually.
An update server is just a HTTP server with signed packages.
1. You can e.g. sync all packages from a mirror like http://mirror.ams1.nl.leaseweb.net/opnsense/releases/mirror/ and push them to your own web server with the same structure.
2. The /conf/config.xml needs editing in the <system> section, it requires a <firmware><mirror>YOUR_UPDATE_SERVER_AND_DIRECTORY</mirror></firmware> option.
3. The update tool /usr/local/sbin/opnsense-update needs the same MIRROR= location.
At the moment, step 3. will be overwritten by the firmware upgrade. As I said, this will all be weaved into 16.7 and shipped over the upcoming months.
Hope this helps,
Franco