OPNsense Forum
Archive => 16.1 Legacy Series => Topic started by: mszeliga on February 22, 2016, 02:13:28 pm
-
Hi
I'm trying to get OPNsense to work as an "internal" firewall between our test environments and production, so it ends up with no WAN interface.
My primary problem is that I can't fetch updates, I've tried with proxy and without proxy but the result is the same "Connection Error". Then I added a WAN port (still behind the corporate firewall) but update still fails.
I can see (on the external firewall) it is connecting successfully to mail.opnsense.org on port 80.
Regards
Maciej
-
Hi Maciej,
The work for 16.7 will include firmware improvements that will support custom/internal mirrors directly manageable via the GUI, but you can already set this up manually.
An update server is just a HTTP server with signed packages.
1. You can e.g. sync all packages from a mirror like http://mirror.ams1.nl.leaseweb.net/opnsense/releases/mirror/ and push them to your own web server with the same structure.
2. The /conf/config.xml needs editing in the <system> section, it requires a <firmware><mirror>YOUR_UPDATE_SERVER_AND_DIRECTORY</mirror></firmware> option.
3. The update tool /usr/local/sbin/opnsense-update needs the same MIRROR= location.
At the moment, step 3. will be overwritten by the firmware upgrade. As I said, this will all be weaved into 16.7 and shipped over the upcoming months.
Hope this helps,
Franco