Messages

1

24.7 Production Series / Re: Traceroute / ICMP issue after 24.7.1 update

« on: August 21, 2024, 03:58:46 pm »

updated to 24.7.2, but i'm still losing some random packets on ipv6 ping (going out, only a jump after my firewall)

Code: [Select]

--- ipv6.abc.xyz ping statistics ---
1566 packets transmitted, 1547 received, 1.21328% packet loss, time 1567560ms
rtt min/avg/max/mdev = 0.185/2.232/1482.222/43.446 ms, pipe 2
I was more stable on "24.7.1-pf4" (no packet loss)

2

24.7 Production Series / Re: Traceroute / ICMP issue after 24.7.1 update

« on: August 14, 2024, 02:19:29 pm »

Any idea why I can't get my hand on 24.7.1-pf4 ?

Code: [Select]

# opnsense-update -zkr 24.7.1-pf4
Fetching kernel-24.7.1-pf4-amd64.txz: ..[fetch: https://pkg.opnsense.org/FreeBSD:14:amd64/snapshots/sets/kernel-24.7.1-pf4-amd64.txz.sig: Not Found] failed, no signature found

3

24.1 Legacy Series / Re: Update 24.1.10 kills Orange FR ISP connection

« on: July 13, 2024, 11:42:20 am »

Is it fixed by "24.1.10_2" ? (Changelog says "dhcpv6 multicast problem", not vlan priority)

4

23.7 Legacy Series / Re: Crowdsec (and munin?) plugins fail with 23.7.4 upgrade ?

« on: September 18, 2023, 12:42:54 pm »

I took some time to investigate further, and the problem was way more simple that I thought .. I had no gateway for the DNS, so timeout was quite logical for every url / outbound access.

Changed it under System > Settings > General, and everything is now running smoothly.

5

23.7 Legacy Series / Re: Crowdsec plugin fails with 23.7.4 upgrade ?

« on: September 18, 2023, 10:18:55 am »

still not working for me with a plugin or even a full reboot.

6

23.7 Legacy Series / Re: Crowdsec plugin fails with 23.7.4 upgrade ?

« on: September 15, 2023, 09:51:42 am »

restart of crowdsec plugin only ?

7

23.7 Legacy Series / Re: Crowdsec plugin fails with 23.7.4 upgrade ?

« on: September 15, 2023, 09:19:32 am »

rolled back to 23.7.3, everything is running fine again. I'll open a ticket with crowdsec.

8

23.7 Legacy Series / [SOLVED] Crowdsec (and munin?) plugins fail with 23.7.4 upgrade ?

« on: September 14, 2023, 11:55:04 pm »

I upgrade to 23.7.4 this evening.
The reboot took a lot more time, like a service timeout.
After few long minutes it looks like crowdsec plugins isn't correctly start (nothing listening on port, timeout on the cli).

Anyone else getting this behavior?

9

23.1 Legacy Series / Re: Upgrade to 23.1.5 - No wireguard traffic (empty alias problem?)

« on: March 30, 2023, 10:10:19 am »

23.1.5_2 fixed it.

10

23.1 Legacy Series / Re: Something is seriously wrong with OPNSense 23.1.5

« on: March 29, 2023, 06:20:21 pm »

If you use network aliases, you should take a look at https://forum.opnsense.org/index.php?topic=33295.0

11

23.1 Legacy Series / Re: Upgrade to 23.1.5 - No wireguard traffic

« on: March 29, 2023, 03:54:10 pm »

I have multiple WAN ip on my server.
WAN1 and WAN2 are alias to thoses ip :


WAN1 alias is empty in diag:


So rules with this alias are not working :


Is a replace WAN1 by the ip address directly, it works.

12

23.1 Legacy Series / Re: Upgrade to 23.1.5 - No wireguard traffic

« on: March 29, 2023, 03:41:06 pm »

yes, "WAN1" is empty.

I changed the rule to use an IP instead of the alias .. and it's working.

13

23.1 Legacy Series / Re: Upgrade to 23.1.5 - No wireguard traffic

« on: March 29, 2023, 03:31:06 pm »

Yes, a lot (as a destination WAN ip for wireguard rule for example)

14

23.1 Legacy Series / Upgrade to 23.1.5 - No wireguard traffic (empty alias problem?)

« on: March 29, 2023, 03:12:29 pm »

Hi

I just upgrade to OPNsense 23.1.5 on my 2 sites (home and remote). And since the reboot of both server, I have no traffic on the wireguard interface.
- No traffic from any client to the main (remote) server
- No traffic between the 2 site (wireguard site-to-site)

Changelog of this version show no impact on wireguard.
The configuration has not changed since few months, and previous upgrade went smoothly, pointing to an upgrade error on 23.1.5 ?

(plugins os-wireguard is installed but os-wireguard-go is not)

Code: [Select]

interface: wg0
  public key: 5awzdJKxxxxxxxxx
  private key: (hidden)
  listening port: 994

peer: O5Wxxxxxxxx
  allowed ips: 10.7.0.225/32
  transfer: 0 B received, 32.23 KiB sent
  persistent keepalive: every 20 seconds

peer: L/W9xxxxx
  allowed ips: 10.7.0.210/32

peer: jbx
  allowed ips: 10.7.0.200/32
  transfer: 0 B received, 31.94 KiB sent
  persistent keepalive: every 20 seconds

peer: EjjDFxxxxxxx
  allowed ips: 10.7.0.130/32
  transfer: 0 B received, 32.38 KiB sent
  persistent keepalive: every 20 seconds

peer: n8gxxxx
  allowed ips: 10.7.0.132/32
  transfer: 0 B received, 31.94 KiB sent
  persistent keepalive: every 20 seconds

peer: B2Cxxxxx
  allowed ips: 10.7.0.134/32
  transfer: 0 B received, 32.38 KiB sent
  persistent keepalive: every 20 seconds

peer: QTxxxx
  allowed ips: 10.7.0.133/32
  transfer: 0 B received, 32.23 KiB sent
  persistent keepalive: every 20 seconds

peer: Saxxxxxx
  allowed ips: 192.168.1.0/24, 10.7.0.254/32
  transfer: 0 B received, 31.22 KiB sent
  persistent keepalive: every 25 seconds

peer: 2Dxxxxxx
  allowed ips: 10.7.0.221/32
  transfer: 0 B received, 32.23 KiB sent
  persistent keepalive: every 20 seconds


15

22.1 Legacy Series / Re: Wireguard is not working after the last patch (OPNsense 22.1.2_1-amd64)

« on: April 09, 2022, 02:27:24 pm »

**  solved for my specific case, site-to-site endpoints should not have endpoint port and adress **