OPNsense Forum
English Forums => General Discussion => Topic started by: thewolf56 on March 13, 2018, 07:35:15 pm
-
Hello.
I had hoped to have a better first post to the forum, but I keep coming to a dead-end to such a simple question.
This is my first time using OPNSense. I had played around with another product in a virtual machine prior to ordering a Qotom q355-g4, but once I had the actual hardware, I decided to try OPNSense (for some reason,I had issues trying to load it into a VM, so abandoned that endeavor until I had dedicated hardware).
I had the issue trying to do a bare metal clean install of 18.1 directly, so I installed 17.5 and then eventually upgraded to 18.1.4 through the GUI.
As I am still setting this up, I only have 1 computer in use behind it through wired LAN (double NAT behind OPNsense box and ISP gateway (will bridge ISP gateway to PPPoE once OPNSense setup is complete and tested)). Already have a Ubiquiti AC-Pro running for WIFI. OPNSense box is still connected to a KB and monitor in case I need to make changes on the console.
I am still learning a lot about networking and reading different forum posts and logs, but I have a really simple question.
Where can I find the command line to run scripts? I looked through out the GUI, used the search function (GUI, Wiki, forums), Google, etc. but I am unable to find where to actually open the CLI to be able to run scripts.
Thanks in advance.
-
Hi and welcome!
May I ask what issues did you have at install?
Here is an example about running scripts, also to schedule them from the GUI. Partially what you wanted:
https://forum.opnsense.org/index.php?topic=7316
Don't be alarmed about what the example is about, it's a localized issue, big chance you will not have any :)
-
Thank you, elektroinside.
I'll take a look at that post and try to follow along. My box is not in use yet, so if I mess something up, I am not opposed to a clean install (at this point).
May I ask what issues did you have at install?
I actually had the segmentation fault issue that you posted the workaround to when installing to the Qotom box.
https://forum.opnsense.org/index.php?topic=7329.msg33100#msg33100
The issues I was having with the VM had to do I think with NIC configuration. I couldn't get in the GUI for OPNSense and when I had the OPNSense VM running, I had computers on my network having issues connecting to the internet. Didn't have that issue when running another product running in VM to test.
-
You're welcome.
Enjoy your stay and OPNsense! :)
-
I just wanted to say thanks again.
I was able to connect with PuTTY by following your post (after enabling ssh in the GUI) and ran the script to install the Unifi controller. I checked that I could connect to the Unifi controller's webpage (but did not actually use the wizard as my AP is not connected to it). I already configured Dynamic DNS and confirmed it works. Now I just need to configure OpenVPN and test it before putting it in service.
I tried to find boot/loader.config.local but was unable to find it using WinSCP.
I will also need to learn more about failover WAN as I want to setup an LTE modem as a backup, but will need to figure out how to use rules to limit access to the backup WAN to only certain devices.
I still need to read up on some of the popular services I see mentioned and what they do. I don't think I need a traffic shaper, but some other items look interesting.
Lots to learn and I am already glad I am trying this route.
-
The devs, for whatever reason, decided not to have a shell portal from the GUI.
You can get to the shell from the console, or just use putty as already mentioned.
-
A GUI shell widget idea was trashed after concluding it would be an exploit vector sooner or later.
A well-designed (and validated and restricted) CLI on top of the API would still be a future option though.
For everything else there will always be SSH.
Cheers,
Franco
-
I'm personally just fine with the shell. I don't need a CLI :-)
-
A GUI shell widget idea was trashed after concluding it would be an exploit vector sooner or later.
I try to harden the GUI as much as possible.
A well-designed (and validated and restricted) CLI on top of the API would still be a future option though.
The PowerShell stuff looks good (even if I don't use it).
For everything else there will always be SSH.
SSH is the core component to communicate with my dev VM. Without it, I would have to implement some bad workarounds.
-
Now I don't feel so dumb for not being able to find it through the GUI.
Now that I know to either use the console directly (won't be an option for much longer) or use SSH, I'm good to go on that front.
I appreciate everyone's help. I especially appreciate the fact that a developer came here and explained the rationale behind the omission of the CLI without being asked.
Now, more to read and learn before putting it in use full time. I think I'm going to enjoy learning more about this product.