OPNsense Forum

Archive => 21.1 Legacy Series => Topic started by: harshw on May 06, 2021, 08:41:41 am

Title: Upgrading 20.1 to 21.1 with ATT bypass
Post by: harshw on May 06, 2021, 08:41:41 am: Upgraded 20.1 to 21.1 today

I have ATT and use the pfatt bypass script alongwith netgraph to create a virtual WAN interface. I was able able to successfully upgrade by doing the following:

- backup configuration
- installed another SSD
- booted from the 21.1 VGA installer
- imported configuration from the old SSD with 20.1
- logged in as 'installer' and installed onto new SSD

BEFORE rebooting:

- copy (and make executable) the pfatt bypass script into /usr/local/etc/rc.syshook.d/early as 99-opnatt
- make sure to have the following modules loaded in /boot/loader.conf.local

Code: [Select]
netgraph_load="YES" ng_ether_load="YES" ng_eiface_load="YES" ng_one2many_load="YES" ng_vlan_load="YES" ng_etf_load="YES"
Reboot and check if the WAN interface comes up - if not, execute the script directly and check the log.

After this, I did another manual restore for the config as I noticed some things hadn't transferred over.

And if you run into problems with Wireguard not starting after the upgrade - make sure there is only ONE /32 IP address in the 'Allowed IPs' for each Wireguard Endpoint configuration

Kudos to the OPNSense team for a great release and for all the hard work and effort that goes into OPNSense.
Title: Re: Upgrading 20.1 to 21.1 with ATT bypass
Post by: Nnyan on May 06, 2021, 06:49:07 pm: That worked for me also until my 210 went bad and they replaced it with a 310. Bridged mode only for me now.
Title: Re: Upgrading 20.1 to 21.1 with ATT bypass
Post by: harshw on May 09, 2021, 06:39:38 am: Quote from: Nnyan on May 06, 2021, 06:49:07 pm
That worked for me also until my 210 went bad and they replaced it with a 310. Bridged mode only for me now.

Hah ! that post got me thinking - was lucky enough to have Sonic in the neighborhood, spoke to them about their 3 month free trial, was scheduled for an appointment today and they came by and installed it in an hour and half. I'd mentioned that I did NOT need a RG, the install tech had it in his notes, he setup the ONT, tested it and left.

It took me half an hour to read up about MultiWAN and setup OPNSense with it - now I have both to compare, I noticed that Sonic's RTTs are lower by 1-3 msec. The best part - there is no RG box, I connect directly to the ONT