OPNsense Forum

Archive => 20.7 Legacy Series => Topic started by: scream on July 31, 2020, 06:30:27 pm

Title: Update failed 20.1 -> 207 with Sensei
Post by: scream on July 31, 2020, 06:30:27 pm

I run opnsense as a VM on my ESXi Server.

So I just take a snapshot first and then started the update. Tried twice.

After update process has finished I also updated the Sensei packages. (Triggering Update again over WebGUI).
As soon as I start Sensei the console output of my VM explode and OS doesn't respond to anything.
VM is then booting up again from itself and as soon as the sensei packet engine gets started it stuck with log console output and boot again.
So I'm ending in Bootloop as soon as Sensei Packet Engine is get started.

So I've to revert to 20.1 for the moment.

Any ideas?

Title: Re: Update failed 20.1 -> 207 with Sensei
Post by: cgone on July 31, 2020, 08:17:51 pm

I needed to disable the upnp-service before the update.
If you are using the upnp-service, I advice you to do the same.

Title: Re: Update failed 20.1 -> 207 with Sensei
Post by: the-mk on August 01, 2020, 12:20:04 am

Please read the last pages of that thread
https://forum.opnsense.org/index.php?topic=9521.990 - especially the posts of mb
Upgrading an OPNsense with Sensei running in a VMware is not the best idea at the moment...

Title: Re: Update failed 20.1 -> 20.7 with Sensei
Post by: scream on August 01, 2020, 11:07:37 am

Thx, didn't see that post before. Will follow up there.

Title: Re: Update failed 20.1 -> 207 with Sensei - Temp fix
Post by: rhamblet on August 01, 2020, 10:43:31 pm

Same problem here but didn't have Sensei installed.  My problem was Suricata IDS (Suricata).  System is EXSI 6.7 U3, VM ver 15.  To fix I performed the following:

Boot into single user mode
from the shell:
# mount (shows ro due to corruption from the panic)
# fsck -y / (fix the file system)
# mount -o rw / (remount in read write)
# /usr/local/etc/rc.d/suricata disable
# vi /conf/config.xml
/IDS  (find IDS in vi editor)
change
<general>
        <enabled>1</enabled>
to
<general>
        <enabled>0</enabled>
:wq
# reboot
System's back up and stable without IDS enabled.  I sent in a crash report and will wait to re-enable IDS until disposition or fix.

Hope this helps somebody else with this update issue.

Title: Re: Update failed 20.1 -> 207 with Sensei
Post by: wer on August 02, 2020, 05:05:08 pm

Same here. ESXI 6.7u3
continous crashes with enabled suricata.
I had do disable suricate previus updateing to 20.7.
I have rolled back to 20.1.9. Long live the snapshot! ;-)

wer

Title: Re: Update failed 20.1 -> 207 with Sensei
Post by: franco on August 02, 2020, 05:28:52 pm

IDS with IPS mode on as well?


Cheers,
Franco

Title: Re: Update failed 20.1 -> 207 with Sensei
Post by: Lukas L. on August 02, 2020, 08:10:30 pm

Same for me - did fs check & repair + disabled IDS and IPS, running as VM on vmw 6.7U3 (vmxnet3 nics). Disabling these services did the trick for now

Title: Re: Update failed 20.1 -> 207 with Sensei
Post by: cmdr.adama on August 03, 2020, 11:32:46 am

Also tried upgrading a couple times... I'm not running Sensei but I am running Suricata... Disabled suricata prior to the upgrade and it doesn't seem to have made any difference... The kicker for me is I'm running the FW in AWS Lightsail so I'm not able to get to the console if it fails to boot... :(