Messages

Hello. So I just upgraded to 24.7.5 on a Proxmox VM with crowdsec and all went well. Reboot VM at end of upgrade. Its a little N5105 box.

So I'm on OPNsense 23.1.3_4-amd64. I have been running with "schnerring" guide since it was posted. I substitute in Surfshark Wireguard. I followed "pmhausen" advice initially and that seem to work. I did try the above procedure and everything seems to work great (touch wood).
Thank you for the hard work on developing OPNsense. Thank you "schnerring" for the guide.

So I installed OPNsense 23.1 with Wireguard onto Proxmox 7.3-4 using a config.xml backup. I passthrough nics and the usb stick.I used pmhausen suggestion. I installed the Plugins (even the wireguard plugin,  just the missing one) rebooted and all is good. os-wireguard-go shows as installable, so I think I'm using wireguard-kmod. I installed patch # opnsense-patch -c plugins 2ed1f987eb97d, don't know if i needed to. As it stands all is working great (touch wood). Thank you for the assistance and thank you for another great release!

I'm using Wireguard. I install the os-wireguard plugin and then "pkg install wireguard-kmod".
To test 23.1 would I "# opnsense-update -ur 23.1.r1" then remove the plug-in or remove it from 22.7.10_2 before the update.

Hello, I run OPNsense 22.7_4-amd64 on Proxmox 7.2-7 with three Intel nics passthrough. If I add "iommu=pt" to my boot command line, it reduces my nics to 100TX from 1000TX.

I add only "quiet intel_iommu=on"

/etc/modules
vfio
vfio_iommu_type1
vfio_pci
vfio_virqfd

I dont know if this helps you, but it work for me. No idea way.
I played around with VYOS and had the same problem. So i dont think its a OPNsense problem. For me anyway.

Hello.
It's probably me over thinking this or just being a little daft.
I want to restart my openVPN (Surfshark) connection when it goes down.
It never has the same ip. I have searched the forum and found some information, but find myself really confused right now.
Is their not a simple straight forward way of implementing this.
I'm running OPNsense 22.1.9-amd64.

Everything seems to be good with:

# opnsense-update -bkzr 22.7.b
# opnsense-shell reboot

##Proxmox 7.2

# Intel Corporation I350 Gigabit Network Connection two port passthrough
Port One = WAN
Port Two = Vlan parent (4 vlan in total)

# Intel Corporation 82574L Gigabit Network Connection passthrough
LAN

No parent interface enabled

openVPN to Surfshark

Used this Guide:
https://schnerring.net/blog/opnsense-baseline-guide-with-vpn-guest-and-vlan-support/
Substituted OpenVPN for Wineguard

OPNsense 22.1.8_1-amd64
FreeBSD 13.1-RELEASE
OpenSSL 1.1.1o 3 May 2022

os-api-backup (installed)   1.0_1   2.35KiB   OPNsense
os-chrony (installed)   1.5   20.6KiB   OPNsense
os-firewall (installed)   1.1   56.4KiB   OPNsense
os-qemu-guest-agent (installed)   1.1   19.2KiB   OPNsense
os-theme-rebellion (installed)   1.8.8   5.20MiB   OPNsense
os-udpbroadcastrelay (installed)   1.0_2   44.8KiB   OPNsense
os-wol (installed)

I've been using OPNsense on a Bare Metal box, so will post any problems I encounter with this VM.

Hello:
I have OPNsense 22.1.1_3 on Proxmox 7-1.10 with 3 Intel nics passed through, I have Surfshark VPN and 4 vlans. I setup with this guide (https://schnerring.net/blog/opnsense-baseline-guide-with-vpn-guest-and-vlan-support/).

In the past I had a problem with VMs and vlan connections, but it was my Proxmox setup that was the problem.
Everything is running rock solid as of this writing. ( touch wood. )
Went everything is running good I don't update for a week or so. I let small bugs work their way out. If it's not broke don't fix it syndrome.

Again, try to look at your Proxmox network setup. I know I'm not really giving you a solution, but I know its possible.
Try rolling back to 22.1.1_3.

Brian

Hello I know it's a little late, but this is what I use on a Proxmox VM with intel cards passed through.

dev.igb.0.eee_control    Disable Energy Efficient Ethernet    runtime    0    
dev.igb.0.fc                    Flow Control                                    runtime    0    
dev.igb.1.eee_control    Disable Energy Efficient Ethernet    runtime    0    
dev.igb.1.fc                    Flow Control                                    runtime    0

I have also used this on a bare metal install.

On Proxmox:
igb.0 is WAN
igb.1 is parent for VLAN's
Also have em0 on LAN in Proxmox ,but don't do anything for it.
Hope this helps.

Well done. Thank you.

Hello I'm the Original Poster and have just installed 21.7.
Everything seems to work again.
I had a problem with vlans not coming up in 21.7R2, so I went back and installed from 21.1.9-1.
This is how I installed 21.7, Again In a ProxMox VM with a intel I350 passedthrough.

I have no additional repos, just the originals.
These are the plugins I have:

os-api-backup (installed)   1.0_1   2.35KiB   OPNsense   Provide the functionality to download the config.xml   
os-dyndns (misconfigured)   1.24_2   169KiB   OPNsense   Dynamic DNS Support   
os-firewall (installed)   1.0_2   56.0KiB   OPNsense   Firewall API supplemental package   
os-mdns-repeater (installed)   1.0_1   14.7KiB   OPNsense   Proxy multicast DNS between networks   
os-theme-rebellion (installed)   1.8.7   5.20MiB   OPNsense   A suitably dark theme   
os-wol (installed)

From a working config I added a dvd iso in hardware.
Changed the boot order.
Booted to iso.
At importer I selected hard drive on the VM
OPNsense imported my config. I checked and my network was up and working.
Logged in as "installer" and used my password (not opnsense).
Installed using zfs. I did not select a drive until I was prompted too.
Selected reboot at end of installer, but contolled C to stop reboot.
At CLI I selected power down system and changed boot order to scsi0 in my VM config.
Removed my DVD from VM also.
Then fired up VM added everything came back up.

I thought maybe this would help someone.

Brian

I used the the DVD iso. At the end I logged in as root, then selected option 8 (shell)
then entered opnsense-installer. Hope that helped.

Time well spent, I'd say.

Just installed 21.7R1 on a VM in Proxmox 7.0. I have a Intel I350 T2 bypassed through to a vm. i have  Surfshark VPN on a vlan. I imported my config at install to a zfs install. I also have a lan bridge through proxmox.
Everything seems to work fine.

Don't know if you want to hear of successful installs here, but wanted to post of my experience.
Thank you for all your work on this.

So I restored OPNsense from a VM backup.
Removed all "Firewall: NAT: Outbound" ,except for the Surfshark Wan NAT.
I implimented the "Hybrid outbound NAT rule generation" Mode.
I removed the Default reject IPv4 and Default reject IPv6 rules on all vlans.

Now my containers get net access again. I would like to understand that , but grateful its working.
Just created a new Debian Container for pihole and apt update worked so internet works .

So I would like to get pihole working ,but my setup (unbound) is setup like the nguvu setup. Only difference is I include VL30_CLRNET in unbound as I dont us DNS Forwarder. The whole localhost thing.
What is the difference between "Local Zone Type" static and transparent.
I also have this in "Custom options:
local-data: "local.lan. 10800 IN SOA opnsense.local.lan. root.local.lan. 1 3600 1200 604800 10800"

Do you think this will conflict with a pihole setup
Would I change "opnsense.local.lan" to pihole's address.

I wouldn't mind Team-viewer idea ,but I'm running Arch Linux and a have to compile it I think.

I know this is a bit off my origianl post. I do appreciete your help so far.