Messages - kanstin

#1
This is great! Thank you, opnfwb!

I would like to add the following. In addition to the above configuration, in System:Settings:General you have to remove all DNS servers. It must be blank, as shown in the attached image. Also, LibreSSL doesn't seem to work for longer than just a few seconds for me. I had to switch to OpenSSL.

#2
This sounds like it could be related to my issue.

https://forum.opnsense.org/index.php?topic=12164.msg56551#msg56551
#3
I have upgraded 4 Qotoms from 18.7.10 to 19.1.4 this week with mixed success. The first one was a remote upgrade that went smoothly. No problems at all, so I thought I was gucci. But the second one (remote upgrade) didn't come back after the upgrade, so I had to go to the client site, and I swapped it with another Qotom with 18.7.10 while I did troubleshooting. I figured out the issue was with the virtual terminal, so on the remote box I cleared that option and did another upgrade, expecting it would go through this time. No dice. I had to go back to the client site again, and this time when I logged into the console none of the router functions had started and it would drop me straight into a bash shell. So I just did a fresh install from a USB stick, restored the configuration, and got it working. I chalked it up to a possible mistake I made while performing the upgrade and thought everything was fine. After I worked around those issues I thought I had everything figured out, so I did a third install and this one went smoothly. Unfortunately I played with fire one more time, and on a 4th upgrade I again had the problem where on reboot the router functions didn't start and when logging in it dropped me straight into the bash shell. Again I had to perform a fresh install and restore the configuration. Any thoughts on what might be going on?
#4
I think I did #6 on this page to get it working for me.

https://support.citrix.com/article/CTX212540
#5
I found a solution to "fix" a broken installation but it requires a working installation. On the router/controller which is working run the following commands:

pkg create mongodb
pkg create mongodb34
pkg create cyrus-sasl

The first command generates a pretty big file so it took a while to run. But those commands will create three files. On mine they were mongodb-2.6.12_5.txz, mongodb34-3.4.16.txz, and cyrus-sasl-2.1.26_13.txz. Copy those files to the router/controller with the broken installation. Run the following commands on that router:

pkg add -f mongodb-2.6.12_5.txz
pkg add -f mongodb34-3.4.16.txz
pkg add -f cyrus-sasl-2.1.26_13.txz


That worked for me. Your mileage may vary.
#6
There is a way to compile all of the packages from the OPNsense source tree... I found the instructions (somewhere) and tried it about a year ago... It took several hours (8-10ish). I think it would have worked, but there was a bug in the Java runtime at the time, so I gave up until I found the above script a couple of weeks later, which worked and was orders of magnitude faster.
#7
Or maybe I haven't updated? Looks like a similar issue in this thread:

https://forum.opnsense.org/index.php?topic=10095.0
#8
The Unifi controller is working for me on 18.7. Try running the script again, which will update the controller version and all required packages. Version 2 of mongodb was deprecated recently to force people onto version 3. Maybe issues with version 2 are what you are seeing.
#9
I applied both patches and my issue appears to be fixed. I really appreciate it. Thank you!
#10
I recently upgraded to 18.7 from 18.1. Prior to 18.7 ipv6 (mostly, see below) worked fine but since the upgrade the dhcpv6 service crashes or stops shortly after boot and computers on the network don't get an address (though my laptop did get an ipv6 address one time apparently before the service stopped). Restarting the service doesn't work. I can't find any logs associated with the dhcpv6 service to get any information about what may be happening.

The second issue (and it may be related) is a little more complicated. I have a VLAN associated with the same port as my LAN, which I use for guest wifi. The Unifi AP tags the packets for the guest wifi with the VLAN id. It works great on ipv4, but with ipv6 something is leaking. My laptop, which connects to my LAN wifi (not the guest), ends up getting 4 ipv6 addresses: two for the LAN network (which my laptop connects to over non-guest wifi) but also 2 ipv6 addresses for the guest network, even though it's not connected to the guest wifi.

Any ideas what is going on or what I can do to start debugging?

Thanks
#11
I think what you want to do is create a bridge from the two interfaces and then assign the new bridge interface to your network. The DHCP pool for the bridge will go across the two interfaces.
#12
My guess is you would need to add a rule to the firewall to allow the connection.
#13

Can you make the text blink?

"LOGIN AS 'installer' TO INSTALL OPNSENSE"

If it's bright/bold and blinking and they still can't figure it out then idk.
#14
18.7 Legacy Series / Re: OpenVPN client
June 21, 2018, 04:50:28 AM
Here are the rules that I have

root@opnsense:~ # pfctl -s nat | grep open
nat on openvpn inet all -> (openvpn:0) port 1024:65535 round-robin
rdr on openvpn inet proto tcp from any to (xn0) port = ssh -> 192.168.8.33 port 22
rdr on openvpn inet proto udp from any to (xn0) port = 3478 -> 192.168.7.1 port 3478

The last two are automatically generated rules. The screenshot shows my rule in the web interface.

#15
You may need to add firewall rules to allow LAN access to the internet.