Upgraded to 1.14 from 1.13 today via the GUI and get "network error" in the Zenarmor pages.
So - uninstalled using the OPNsense plugins page, and reinstalled as per web instructions ( https://www.zenarmor.com/free-edition-plan).
Now, I'm stuck on the wizard - I get a spinning wheel under 'Database Settings', then nothing happens, and I can't select 'Next' to get to 'Interface Settings'. I suspect this is a netmap driver issue, or similar - although 1.13.4 was running fine.
There are no errors under 'Notifications', and the Info says "Engine Started".
I have no help to offer, I'm just adding that the same has happened to me. I have not removed the package yet.
Same here, after an upgrade zenarmor stuck, so i reinstall the whole opnsense, restored from backup ( deleted the zenarmor configuration parts ) then install the fresh zenarmor. I try to setup but even the initial setup stuck with the Network Error
Please check your network connection message. It seems something is broken with this.
I've a opnsense installed on my home network.
I've tried to update zenarmor 1.14 and i've the same issue "Network Error".
I reach my opnsense device with https://opnsense.localdomain url (private one).
After updating zenarmor or try to reinstall it, the network connection come from the issue that zenarmor web ui try to fetch the js/css/img/html component from my WAN ip address and not the 192.168.1.1/opnsense.localdomain url ... + issue with CORS policy because of the mismatch of the 2 domains/ips
I think there is something wrong with the setup and the WAN address must nor be used to serve the web ui of zenarmor
Even the uninstall tab does not work with the same "Network Error", so i can not send a ticket to support directly :(
So for now, no more zenarmor on my system to protect my kids devices :( ... I'm in my trying period and was ready to buy a subscription, but with this faulty upgrade, i'm starting to look other products.
I have the same issue as above. Most things say "network error" including the health check section. The only thing that's in the notifications is engine started.
Edit: If I log in via IP address everything seems to be working. Logging in via host.domain will not.
Edit #2: Updating to 1.14.1 resolved the issue. Thanks!
Same here, restored VM Snapshot as I'm running business on it
Quote from: deuch on August 07, 2023, 07:45:05 AM
I've a opnsense installed on my home network.
I've tried to update zenarmor 1.14 and i've the same issue "Network Error".
I reach my opnsense device with https://opnsense.localdomain url (private one).
After updating zenarmor or try to reinstall it, the network connection come from the issue that zenarmor web ui try to fetch the js/css/img/html component from my WAN ip address and not the 192.168.1.1/opnsense.localdomain url ... + issue with CORS policy because of the mismatch of the 2 domains/ips
I think there is something wrong with the setup and the WAN address must nor be used to serve the web ui of zenarmor
Even the uninstall tab does not work with the same "Network Error", so i can not send a ticket to support directly :(
So for now, no more zenarmor on my system to protect my kids devices :( ... I'm in my trying period and was ready to buy a subscription, but with this faulty upgrade, i'm starting to look other products.
Odd, just checked my installation. According to the Safari Web Inspector, the menu is being pulled from my LAN IP. Only external content is some Google fonts stuff, which is not pulled by zenarmor but my theme. What happens if you access your device with it's internal IP?
Same here, adding here for tracking.
Installer finished, rebooted twice, "Network error" everywhere in the new menus.
Serban
I have the same issue with network error when viewing the dashboard. Workaround was to reach the firewall (dashboard) via IP-address instead of FQDN.
Second issue is that I can only select one interface to protect in the settings > configuration. If I select three interfaces only one will be selected after applying the configuration. In the dashboard and live view more interfaces are shown.
Quote from: deuch on August 07, 2023, 07:45:05 AM
After updating zenarmor or try to reinstall it, the network connection come from the issue that zenarmor web ui try to fetch the js/css/img/html component from my WAN ip address and not the 192.168.1.1/opnsense.localdomain url ... + issue with CORS policy because of the mismatch of the 2 domains/ips
I think there is something wrong with the setup and the WAN address must nor be used to serve the web ui of zenarmor
FWIW, I access my OPNsense on a FQDN.
EDIT: I just tried to access via the router IP address (https://192.x.x.x:port) - still the same error / lack of progress / 'Network error'.
So,update from me (Licensed Home version)
I can "access" the Zenarmor menus when accessing the FW with the IP address, but:
- all buttons are greyed out (clicking on them issues a message - "setting updated" but the position of the switches is still "off") - quite disconcerting considering the privacy settings also cannot be actually viewed from the GUI either
- I run the reporting on an external Elasticsearch DB - cannot see any reports, the system says "network error".
UPDATE:
- in Safari the buttons are visible, in Firefox, even clearing cache / private window - no luck.
I did an install with using the management IP of the FW and it works this time.
I'm now able to create policies etc ...
But i can not still use zenarmor with the opnsense.localdomain name, only with the private ip
Hey there,
same thing in my router. I believe the problem is that the frontend now tries to access the zenarmor API using the router LAN IP address instead of the URL address of the router GUI.
In my case I access the router with the URL: https://my.awesome.router which is secured with a letsencrypt certificate. The Zenarmor client though tries to use the URL https://192.168.1.1/api/zenarmor which of course leads to an invalid certificate error and prevents the client from getting to an access token.
Is there any configuration setting available which allows us to set the URL of the Zenarmor API backend?
Hi everyone,
having the identical issue after the upgrade.
Access to the Zenarmor tab in OPNsense is not working using the FQDN, but works using the internal mgmt IP address.
Hope Zenarmor is fixing the issue in due course.
Rgds,
Stefan
Good work tracking this one down, everyone!
Dare I say, it looks like it *should* be a straightforward fix for Zenarmor.
Surprised this wasn't picked up in beta though - it's not as though running a firewall behind a certificate and FQDN is a bleeding-edge use case.
Unfortunately, I'll have to wait for the actual fix, since using the internal management IP address isn't working for me.
Hi,
Same problem here, can not access the Zenarmor menus, it doesn't matter if i use FQDN or IP address. the OPNsense Web GUI is running on an different port, not 443, I'm using 4444 instead. Nginx is running on port 443, maybe that's the problem?
Thats what I see in the Chrome development tools:
Access to fetch at 'https://XXX.XX.XXX.X/api/zenarmor/status' from origin 'https://XXX.XX.XXX.X:4444' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
GET https://XXX.XX.XXX.X/api/zenarmor/status net::ERR_FAILED
Best Regards
Hi,
Sorry for the inconvenience. It is fixed and a bugfix release will be shipped today.
Good PM guys,
had a ticket open with Zenarmor and their support team could re-produce the error with the describtion and logs files I'd provided.
Quote:
SVN Support Team (Zenarmor Help Desk)
Aug 7, 2023, 04:22 PDT
Hi Stefan,
Thanks for reaching out and letting us know about the issue.
We have reproduced the issue and will be shipped a bugfix release today.
Quote end
Cheers,
Stefan
Just came in to chime in as well.
Fresh install of OPNsense 27.1, followed steps to install os-sunvalley, os-sensei.
I can't get past the wizard during checking hardware with a network error after what appears to a 10-20second timeout.
I'm using the local firewall IP to do this with zero luck. Bummer!
The 1.14.1 does fix the 'Network error' after upgrading' for me.
Hi ,
1.14.1 is shipped. You can install it via Zenconsole or run the following command on the console as root
pkg install -fy os-sensei
Kind regards
Salih
Fixed, thanks.