Messages

Hi Eleanor-Fiona

I have Opnsense running on a Proxmox the last 8-9 years.

Question:

• - when installing Opnsense from DVD/image, did you see the 10G size of the virtual disk
• - did you change the disk size in Proxmox after installation of Opnsense

What do you see in the dashboard of OPnsense under Disk usage?
What does the output of the "df" command give you?

Kind regards
Sebastian

Hi

The advanced configuration on the OpenVPN Client creation page has for a long time been marked as being replaced/removed.
Is there a chance the features like "ping settings"(ping method/interval/timeout), UDP Fast I/O, Exit Notify, Send/Receive Buffer, persist-key/persist-tun, Gateway creation options could be integrated in the creation page?
I can see in the config(/var/etc/openvpn/client_.conf) that some of this features are set automatically, is there a description about that?

Kind regards
Sebastian

Hi all

First of all i would like to thank the team for the excellent work they are doing with Opnsense :)

i have a problem with the creation of gateways for all the VPN interfaces i use.
By default there is always a ipv4 and ipv6 gateway created.
On an earlier version of Opnsense(i think before version 19) it was possible to rename and them delete the ipv6 versions i dont use. Now this is not possible anymore.
The only possible solution is to deactivate them.

By readiing a guide how to set up a multi vpn wan system i saw that the latest version for pfsense has now an option in the OpenVPN Client creation wizard to change the default option from "both" to ipv4 only or ipv6 only.

Is there any chance that such an option would be integrated into the OpenVPN client creation wizard in Opnsense or is there the possibility to do this manually?

Kind regards
Sebastian

Since it's an VM, i did an new install to fix the problem.
I did encounter the same problem once more after an unclean shutdown.

Maybe that was the problem

Still the same result.

All i have tried doesnt help.

Tried, but its still the same.

Is it possible to reset/delete things in the suricata folder to trigger the creation of new files?

Hi Fabian

Thanks for the reply.

I'am not shure this is the right command, but it produced the same output

#service suricata restart
suricata not running? (check /var/run/suricata.pid).
Starting suricata.
9/9/2017 -- 12:13:31 - <Info> - Including configuration file installed_rules.yaml.
/usr/local/etc/rc.d/suricata: WARNING: failed to start suricata

Are there other commands I can try?

Regards
Seb

Hi all

First I want to thank the OPNsense Team for the excellent work they are doing, this is an amazing product.

I have a problem with suricata.
After some small changes in the configuration(don't really remember what I changed), suricata doesn't want to start.
I have tried disabling it and reboot, changing the settings back and forth, reinstall suricata....
but nothing helps.
When I try to start it from the GUI, the following lines appear in the log:
Sep 9 11:08:08 configd.py: [f7917fa0-b5e3-4953-8317-1094d29ece73] returned exit status 1
Sep 9 11:08:08 root: /usr/local/etc/rc.d/suricata: WARNING: failed to start suricata
Sep 9 11:08:08 configd.py: [f7917fa0-b5e3-4953-8317-1094d29ece73] start suricata daemon

Since I'm no expert, I really don't know what it means.

Help please! :)

Little update on the progress:
When starting the virtual machine choosing generation 2(UEFI support) does not work on my system.
By choosing generation 1, the os installes without a flaw and the basic systems works well.
I found to sings that are not working:
- not possible to update if LibreSSL is selected as the firmware flavour-> i suppose this is by design?
- trying to install suricata ids brakes the install.
I have tried different methodes but in the end all end in the same way.
In the last atempt the whole intrution detection page is vanished after a forced restart.
The only way i found to get back to a completely functioning base system is a reinstall.

Still thanks for the fantastic work everybody is putting into Opnsense

Regards
Sebastian

Hi all

I would like to give the 17.1 Beta a try.
Is there anybody that has tried it in Hyper-V?
Are there any known issues?

Thanks
Sebastian

I had the serial console as primary since that's the one i'am using from other places then the serverrack.
I will try to enable suricata again when I have a little more time.


Regards
Sebastian

Hi
Thanks for the quick answer.
I couldn't reach the Gui, but i solved it in another way.
Rebooting the box without the WAN and LAN cable connected booted the box correctly and by inserting the LAN cable afterwards is was able to login to the Gui.
Disabling Suricata brought the box back to normal behaviour.  ;)
Does anybody know if the suricata guide in the docu is updated for the new version?

Now to the console menu
By setting the VGA to second console the menu is back, but i don't se the complete bootup anymore. I use the uefi bootup option, do i have to set the efi console as first option?

Regards
Sebastian

Hi

After updating to 16.7.11_1 i lock me out of the my opnsense box.
When i tried to login through the console menu i noticed its not visible anymore.
I restarted the box and after the bootup the only thing that is visible is welcome menu and the interface list.
The only keyboard input that works is ctrl+alt+del which triggers a shutdown.

Is this supposed to be like this/are there new settings too enable the menu?

Regards
Sebastian

Hi Franco

Thanks for the reply.
Short a explanation about the interfaces on the motherboard:
It has 2x SFP Intel i350 interfaces(igb0 and igb1) and 6 gigabit lan(em0-em5).
I use right now em0 as WAN and em1 as LAN. All the other em interfaces are disabled in the BIOS(the igb interfaces can not be disabled in the BIOS).
When reinstalling i assign the em0 and em1 interface manually throught the com consol on the motherboard.
After the initial setup i tried to restore the last configuration, but after the reboot none of the em interfaces are assigned.
When i then again reassign the interfaces as they should be, some of the settings that depend on the interface have to be altered ->firewall rules/NAT Port Forward/NAT Outbound
Do you have any tip what i do wrong?
...or is it the fundamental changes in FreeBSD that make the restoring of the config after upgrades difficult?

Still, thanks for a great product and all the good work
Regards
Sebastian

UPDATE:
A complete new install fixed the problem.
One thing i noticed was that i was not able to reinstall and use the old config.
All the interfaces where assiged different, so they had to be assigned manually before parts of the old config could be applied.

Regards
Sebastian