OPNsense Forum
Archive => 16.1 Legacy Series => Topic started by: Julien on June 29, 2016, 06:51:41 pm
-
Hi Guys,
we have managed to get OPNsense on VMware working fine. OPENVPN is configured with two factor authentication. however from time to time have to reboot the firewall becauses its not available over the line.
can't log to the firewall and the only solution is to reboot it .
any suggestions why ?
Firewall has 2GB memory and 10 GB SSD VMware drive.
thank you
-
Hi there,
It's important to get a screenshot of the console and possible errors there when it's down and wether or not it responds to input or a login. If the login works, a dmesg dump would be the first thing to look for trouble. Choose console option (8) and type:
# dmesg
The lines that are visible in the console will be the interesting ones.
Cheers,
Franco
-
thank you for your answer. attached is the screenshot.
the firewall is responding to the ping, i can browse to the internet but can't log in to the firewall. and its drop all active servers lice OPENVPN,...
i managed to ssh to the device see below
waiting for your answer
random: unblocking device.
da0 at mpt0 bus 0 scbus2 target 0 lun 0
da0: <VMware Virtual disk 1.0> Fixed Direct Access SCSI-2 device
da0: 320.000MB/s transfers (160.000MHz, offset 127, 16bit)
da0: Command Queueing enabled
da0: 8192MB (16777216 512 byte sectors)
da0: quirks=0x40<RETRY_BUSY>
SMP: AP CPU #1 Launched!
SMP: AP CPU #3 Launched!
SMP: AP CPU #2 Launched!
Trying to mount root from ufs:/dev/da0s1a [rw]...
vmx2: link state changed to UP
vlan0: changing name to 'vmx2_vlan20'
vmx0: link state changed to UP
vmx1: link state changed to UP
tun1: changing name to 'ovpns1'
pflog0: promiscuous mode enabled
ovpns1: link state changed to UP
arp: 192.168.1.1 moved from fc:52:8d:1b:40:65 to 00:0c:29:e0:b0:0a on vmx2
arp: 192.168.1.1 moved from 00:0c:29:e0:b0:0a to fc:52:8d:1b:40:65 on vmx0
arp: 192.168.1.1 moved from fc:52:8d:1b:40:65 to 00:0c:29:e0:b0:0a on vmx2
arp: 00:0c:29:e0:b0:0a is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:e0:b0:0a is using my IP address 172.16.0.1 on vmx2!
pflog0: promiscuous mode disabled
ovpns1: link state changed to DOWN
Waiting (max 60 seconds) for system process `vnlru' to stop...done
Waiting (max 60 seconds) for system process `bufdaemon' to stop...done
Waiting (max 60 seconds) for system process `syncer' to stop...
Syncing disks, vnodes remaining...0 0 0 done
All buffers synced.
Uptime: 1h45m4s
Copyright (c) 1992-2016 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 10.3-RELEASE-p3 #2 1988fec(RELENG_2_3_1): Wed May 25 14:14:46 CDT 2016
root@ce23-amd64-builder:/builder/pfsense-231/tmp/obj/builder/pfsense-231/tmp/FreeBSD-src/sys/pfSense amd64
FreeBSD clang version 3.4.1 (tags/RELEASE_34/dot1-final 208032) 20140512
CPU: Intel(R) Core(TM) i7-4820K CPU @ 3.70GHz (3702.33-MHz K8-class CPU)
Origin="GenuineIntel" Id=0x306e4 Family=0x6 Model=0x3e Stepping=4
Features=0x1fa3fbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,DTS,MMX,FXSR,SSE,SSE2,SS,HTT>
Features2=0xffba2203<SSE3,PCLMULQDQ,SSSE3,CX16,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,TSCDLT,AESNI,XSAVE,OSXSAVE,AVX,F16C,RDRAND,HV>
AMD Features=0x28100800<SYSCALL,NX,RDTSCP,LM>
AMD Features2=0x1<LAHF>
Structured Extended Features=0x202<TSCADJ,ERMS>
TSC: P-state invariant
Hypervisor: Origin = "VMwareVMware"
real memory = 1073741824 (1024 MB)
avail memory = 999444480 (953 MB)
Event timer "LAPIC" quality 600
ACPI APIC Table: <PTLTD APIC >
FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs
FreeBSD/SMP: 2 package(s) x 2 core(s)
cpu0 (BSP): APIC ID: 0
cpu1 (AP): APIC ID: 1
cpu2 (AP): APIC ID: 2
cpu3 (AP): APIC ID: 3
random: <Software, Yarrow> initialized
MADT: Forcing active-low polarity and level trigger for SCI
ioapic0 <Version 1.1> irqs 0-23 on motherboard
wlan: mac acl policy registered
ipw_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
ipw_bss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
module_register_init: MOD_LOAD (ipw_bss_fw, 0xffffffff806208f0, 0) error 1
ipw_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
ipw_ibss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
module_register_init: MOD_LOAD (ipw_ibss_fw, 0xffffffff806209a0, 0) error 1
ipw_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
ipw_monitor: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
module_register_init: MOD_LOAD (ipw_monitor_fw, 0xffffffff80620a50, 0) error 1
iwi_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_iwi/.
iwi_bss: If you agree with the license, set legal.intel_iwi.license_ack=1 in /boot/loader.conf.
module_register_init: MOD_LOAD (iwi_bss_fw, 0xffffffff80647bf0, 0) error 1
iwi_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_iwi/.
iwi_ibss: If you agree with the license, set legal.intel_iwi.license_ack=1 in /boot/loader.conf.
module_register_init: MOD_LOAD (iwi_ibss_fw, 0xffffffff80647ca0, 0) error 1
iwi_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_iwi/.
iwi_monitor: If you agree with the license, set legal.intel_iwi.license_ack=1 in /boot/loader.conf.
module_register_init: MOD_LOAD (iwi_monitor_fw, 0xffffffff80647d50, 0) error 1
netmap: loaded module
kbd1 at kbdmux0
cryptosoft0: <software crypto> on motherboard
padlock0: No ACE support.
acpi0: <INTEL 440BX> on motherboard
acpi0: Power Button (fixed)
Timecounter "HPET" frequency 14318180 Hz quality 950
cpu0: <ACPI CPU> on acpi0
cpu1: <ACPI CPU> on acpi0
cpu2: <ACPI CPU> on acpi0
cpu3: <ACPI CPU> on acpi0
attimer0: <AT timer> port 0x40-0x43 irq 0 on acpi0
Timecounter "i8254" frequency 1193182 Hz quality 0
Event timer "i8254" frequency 1193182 Hz quality 100
atrtc0: <AT realtime clock> port 0x70-0x71 irq 8 on acpi0
Event timer "RTC" frequency 32768 Hz quality 0
Timecounter "ACPI-fast" frequency 3579545 Hz quality 900
acpi_timer0: <24-bit timer at 3.579545MHz> port 0x1008-0x100b on acpi0
pcib0: <ACPI Host-PCI bridge> port 0xcf8-0xcff on acpi0
pci0: <ACPI PCI bus> on pcib0
pcib1: <ACPI PCI-PCI bridge> at device 1.0 on pci0
pci1: <ACPI PCI bus> on pcib1
isab0: <PCI-ISA bridge> at device 7.0 on pci0
isa0: <ISA bus> on isab0
atapci0: <Intel PIIX4 UDMA33 controller> port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0x1060-0x106f at device 7.1 on pci0
ata0: <ATA channel> at channel 0 on atapci0
ata1: <ATA channel> at channel 1 on atapci0
pci0: <bridge> at device 7.3 (no driver attached)
vgapci0: <VGA-compatible display> port 0x1070-0x107f mem 0xe8000000-0xefffffff,0xfe000000-0xfe7fffff irq 16 at device 15.0 on pci0
vgapci0: Boot video device
mpt0: <LSILogic 1030 Ultra4 Adapter> port 0x1400-0x14ff mem 0xfeba0000-0xfebbffff,0xfebc0000-0xfebdffff irq 17 at device 16.0 on pci0
mpt0: MPI Version=1.2.0.0
pcib2: <ACPI PCI-PCI bridge> at device 17.0 on pci0
pci2: <ACPI PCI bus> on pcib2
pcib3: <ACPI PCI-PCI bridge> at device 21.0 on pci0
pci3: <ACPI PCI bus> on pcib3
vmx0: <VMware VMXNET3 Ethernet Adapter> port 0x4000-0x400f mem 0xfd5fc000-0xfd5fcfff,0xfd5fd000-0xfd5fdfff,0xfd5fe000-0xfd5fffff irq 18 at device 0.0 on pci3
vmx0: Ethernet address: 00:0c:29:3c:3a:c9
pcib4: <ACPI PCI-PCI bridge> at device 21.1 on pci0
pci4: <ACPI PCI bus> on pcib4
pcib5: <ACPI PCI-PCI bridge> at device 21.2 on pci0
pci5: <ACPI PCI bus> on pcib5
pcib6: <ACPI PCI-PCI bridge> at device 21.3 on pci0
pci6: <ACPI PCI bus> on pcib6
pcib7: <ACPI PCI-PCI bridge> at device 21.4 on pci0
pci7: <ACPI PCI bus> on pcib7
pcib8: <ACPI PCI-PCI bridge> at device 21.5 on pci0
pci8: <ACPI PCI bus> on pcib8
pcib9: <ACPI PCI-PCI bridge> at device 21.6 on pci0
pci9: <ACPI PCI bus> on pcib9
pcib10: <ACPI PCI-PCI bridge> at device 21.7 on pci0
pci10: <ACPI PCI bus> on pcib10
pcib11: <ACPI PCI-PCI bridge> at device 22.0 on pci0
pci11: <ACPI PCI bus> on pcib11
vmx1: <VMware VMXNET3 Ethernet Adapter> port 0x5000-0x500f mem 0xfd4fc000-0xfd4fcfff,0xfd4fd000-0xfd4fdfff,0xfd4fe000-0xfd4fffff irq 19 at device 0.0 on pci11
vmx1: Ethernet address: 00:0c:29:3c:3a:d3
pcib12: <ACPI PCI-PCI bridge> at device 22.1 on pci0
pci12: <ACPI PCI bus> on pcib12
pcib13: <ACPI PCI-PCI bridge> at device 22.2 on pci0
pci13: <ACPI PCI bus> on pcib13
pcib14: <ACPI PCI-PCI bridge> at device 22.3 on pci0
pci14: <ACPI PCI bus> on pcib14
pcib15: <ACPI PCI-PCI bridge> at device 22.4 on pci0
pci15: <ACPI PCI bus> on pcib15
pcib16: <ACPI PCI-PCI bridge> at device 22.5 on pci0
pci16: <ACPI PCI bus> on pcib16
pcib17: <ACPI PCI-PCI bridge> at device 22.6 on pci0
pci17: <ACPI PCI bus> on pcib17
pcib18: <ACPI PCI-PCI bridge> at device 22.7 on pci0
pci18: <ACPI PCI bus> on pcib18
pcib19: <ACPI PCI-PCI bridge> at device 23.0 on pci0
pci19: <ACPI PCI bus> on pcib19
vmx2: <VMware VMXNET3 Ethernet Adapter> port 0x6000-0x600f mem 0xfd3fc000-0xfd3fcfff,0xfd3fd000-0xfd3fdfff,0xfd3fe000-0xfd3fffff irq 16 at device 0.0 on pci19
vmx2: Ethernet address: 00:0c:29:3c:3a:dd
pcib20: <ACPI PCI-PCI bridge> at device 23.1 on pci0
pci20: <ACPI PCI bus> on pcib20
pcib21: <ACPI PCI-PCI bridge> at device 23.2 on pci0
pci21: <ACPI PCI bus> on pcib21
pcib22: <ACPI PCI-PCI bridge> at device 23.3 on pci0
pci22: <ACPI PCI bus> on pcib22
pcib23: <ACPI PCI-PCI bridge> at device 23.4 on pci0
pci23: <ACPI PCI bus> on pcib23
pcib24: <ACPI PCI-PCI bridge> at device 23.5 on pci0
pci24: <ACPI PCI bus> on pcib24
pcib25: <ACPI PCI-PCI bridge> at device 23.6 on pci0
pci25: <ACPI PCI bus> on pcib25
pcib26: <ACPI PCI-PCI bridge> at device 23.7 on pci0
pci26: <ACPI PCI bus> on pcib26
pcib27: <ACPI PCI-PCI bridge> at device 24.0 on pci0
pci27: <ACPI PCI bus> on pcib27
vmx3: <VMware VMXNET3 Ethernet Adapter> port 0x7000-0x700f mem 0xfd2fc000-0xfd2fcfff,0xfd2fd000-0xfd2fdfff,0xfd2fe000-0xfd2fffff irq 17 at device 0.0 on pci27
vmx3: Ethernet address: 00:0c:29:3c:3a:e7
pcib28: <ACPI PCI-PCI bridge> at device 24.1 on pci0
pci28: <ACPI PCI bus> on pcib28
pcib29: <ACPI PCI-PCI bridge> at device 24.2 on pci0
pci29: <ACPI PCI bus> on pcib29
pcib30: <ACPI PCI-PCI bridge> at device 24.3 on pci0
pci30: <ACPI PCI bus> on pcib30
pcib31: <ACPI PCI-PCI bridge> at device 24.4 on pci0
pci31: <ACPI PCI bus> on pcib31
pcib32: <ACPI PCI-PCI bridge> at device 24.5 on pci0
pci32: <ACPI PCI bus> on pcib32
pcib33: <ACPI PCI-PCI bridge> at device 24.6 on pci0
pci33: <ACPI PCI bus> on pcib33
pcib34: <ACPI PCI-PCI bridge> at device 24.7 on pci0
pci34: <ACPI PCI bus> on pcib34
acpi_acad0: <AC Adapter> on acpi0
atkbdc0: <Keyboard controller (i8042)> port 0x60,0x64 irq 1 on acpi0
atkbd0: <AT Keyboard> irq 1 on atkbdc0
kbd0 at atkbd0
atkbd0: [GIANT-LOCKED]
psm0: <PS/2 Mouse> irq 12 on atkbdc0
psm0: [GIANT-LOCKED]
psm0: model IntelliMouse, device ID 3
orm0: <ISA Option ROMs> at iomem 0xc0000-0xc7fff,0xc8000-0xc9fff,0xca000-0xcafff,0xcb000-0xcbfff,0xcc000-0xccfff,0xcd000-0xcdfff,0xdc000-0xdffff,0xe0000-0xe7fff on isa0
sc0: <System console> at flags 0x100 on isa0
sc0: VGA <16 virtual consoles, flags=0x300>
vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0
ppc0: cannot reserve I/O port range
Timecounters tick every 10.000 msec
random: unblocking device.
da0 at mpt0 bus 0 scbus2 target 0 lun 0
da0: <VMware Virtual disk 1.0> Fixed Direct Access SCSI-2 device
da0: 320.000MB/s transfers (160.000MHz, offset 127, 16bit)
da0: Command Queueing enabled
da0: 8192MB (16777216 512 byte sectors)
da0: quirks=0x40<RETRY_BUSY>
SMP: AP CPU #1 Launched!
SMP: AP CPU #3 Launched!
SMP: AP CPU #2 Launched!
Trying to mount root from ufs:/dev/da0s1a [rw]...
vmx2: link state changed to UP
vlan0: changing name to 'vmx2_vlan20'
vmx0: link state changed to UP
vmx1: link state changed to UP
arp: 00:0c:29:e0:b0:0a is using my IP address 172.16.0.1 on vmx2!
tun1: changing name to 'ovpns1'
pflog0: promiscuous mode enabled
ovpns1: link state changed to UP
arp: 00:0c:29:e0:b0:0a is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:e0:b0:0a is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:e0:b0:0a is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:e0:b0:0a is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:73 is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:7d is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:7d is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:7d is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:7d is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:7d is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:7d is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:7d is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:7d is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:7d is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:7d is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:7d is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:7d is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:7d is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:7d is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:7d is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:7d is using my IP address 172.16.0.1 on vmx2!
arp: 192.168.1.1 moved from fc:52:8d:1b:40:65 to 00:0c:29:73:ef:7d on vmx1
arp: 192.168.1.1 moved from 00:0c:29:73:ef:7d to fc:52:8d:1b:40:65 on vmx2
arp: 192.168.1.1 moved from 00:0c:29:73:ef:7d to fc:52:8d:1b:40:65 on vmx2
arp: 00:0c:29:73:ef:7d is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:7d is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:7d is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:7d is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:7d is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:7d is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:73 is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:73 is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:73 is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:73 is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:73 is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:73 is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:73 is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:73 is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:73 is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:73 is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:73 is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:73 is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:73 is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:73 is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:73 is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:73 is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:73 is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:73 is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:73 is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:73 is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:73 is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:73 is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:73 is using my IP address 172.16.0.1 on vmx2!
arp: 00:0c:29:73:ef:73 is using my IP address 172.16.0.1 on vmx2!
-
It looks like you have multiple VMs set up with the same internal IP 172.16.0.1. Other OPNsense instances for testing maybe?
-
no i don't have class B on my network at all.
after some reboot couple of times, the devices is ok now.
thank you for your continu support.
i am testing the software now and will report back as i found something
-
VMWare uses Class B as its internal NAT network that all NAT-configured network cards of the VMs share with each other.
-
this the way I've configure it . but it has nothing to do with respond.
somehow stuff start working after last day and no issue noted.
thank you