Messages

1

19.1 Legacy Series / Re: OPNsense 19.1.x and DNSoverTLS with Hostname Verification

« on: June 16, 2019, 10:22:37 pm »

This is great! Thank you, opnfwb!

I would like to add the following. In addition to the above configuration, in System:Settings:General you have to remove all dns servers. It must be blank as shown in the attached image. Also, LibreSSL doesn't seem to work for longer than just a few seconds for me. I had to switch to OpenSSL.

2

19.1 Legacy Series / Re: Upgrade from 18.7.10_4 to 19.1.1 fails

« on: April 17, 2019, 09:55:45 am »

This sounds like it could be related to my issue.

https://forum.opnsense.org/index.php?topic=12164.msg56551#msg56551

3

19.1 Legacy Series / Re: Is it safe to upgrade to 19.1.4 now?

« on: April 04, 2019, 09:26:54 pm »

I have upgraded 4 Qotoms from 18.7.10 to 19.1.4 this week with mixed success. The first one was a remote upgrade that went smooth. No problems at all so I thought I was gucci. But the second one (remote upgrade) didn't come back after the upgrade so I had to go to the client site and I swapped it with another Qotom with 18.7.10 while I did trouble shooting. I figured out the issue was with the virtual terminal so on the remote box I cleared that option and did another upgrade expecting it would go through this time. No dice. Had to go back to client site again and this time when I logged into the console none of the router functions had started and it would drop me straight into a bash shell. So I just did a fresh install from usb stick, restored the configuration, and had got it working. I chalked it up to a possible mistake I made while performing the upgrade and thought everything was fine.. So after I worked around those issues I thought I had everything figured out so I did a third install and this one went smoothly. Unfortunately I played with fire one more time and on a 4th upgrade I again had the problem where on reboot the router functions didn't start and when logging in it dropped me straight into the bash shell. Again I had to perform a fresh install and restore the configuration. Any thoughts what might be going on?

4

18.7 Legacy Series / Re: OPNsense 18.7.8 in VM on XCP-ng 7.5.1 ... slow throughput

« on: December 02, 2018, 05:36:03 am »

I think I did #6 on this page to get it working for me.

https://support.citrix.com/article/CTX212540

5

18.7 Legacy Series / Re: Problems running Unifi controller on 18.7

« on: November 06, 2018, 07:56:42 pm »

I found a solution to "fix" a broken installation but it requires a working installation. On the router/controller which is working run the following commands:

pkg create mongodb
pkg create mongodb34
pkg create cyrus-sasl

The first command generates a pretty big file so it took a while to run. But those commands will create three files. On mine they were mongodb-2.6.12_5.txz, mongodb34-3.4.16.txz, and cyrus-sasl-2.1.26_13.txz. Copy those files to the router/controller with the broken installation. Run the following commands on that router:

pkg add -f mongodb-2.6.12_5.txz
pkg add -f mongodb34-3.4.16.txz
pkg add -f cyrus-sasl-2.1.26_13.txz


That worked for me. Your mileage may vary.

6

18.7 Legacy Series / Re: Problems running Unifi controller on 18.7

« on: October 31, 2018, 07:19:48 pm »

There is a way to compile all of the packages from the opnsense source tree... I found the instructions (somewhere) and tried it about a year ago... It took several hours (8-10ish). I think it would have worked but there was a big in the Java runtime at the time so I gave up until I found the above scripta couple weeks later which worked and was orders of magnitude faster.

7

18.7 Legacy Series / Re: Problems running Unifi controller on 18.7

« on: October 31, 2018, 05:00:54 am »

Or maybe I haven't updated?  Looks like a similar issue in this thread

https://forum.opnsense.org/index.php?topic=10095.0

8

18.7 Legacy Series / Re: Problems running Unifi controller on 18.7

« on: October 31, 2018, 04:37:55 am »

The Unifi controller is working for me on 18.7. try running the script again which will update the controller version and all required packages. Version 2 of mongodb was deprecated recently to force people onto version 3.. maybe issues with version 2 is what you are seeing

9

18.7 Legacy Series / Re: [resolved] ipv6 problems with 18.7

« on: August 10, 2018, 02:08:02 am »

I applied both patches and my issue appears to be fixed. I really appreciate it. Thank you!

10

18.7 Legacy Series / [resolved] ipv6 problems with 18.7

« on: August 09, 2018, 09:14:52 pm »

I recently upgraded to 18.7 from 18.1. Prior to 18.7 ipv6 (mostly, see below) worked fine but since the upgrade the dhcpv6 service crashes or stops shortly after boot and computers on the network don't get an address (though my laptop did get an ipv6 address one time apparently before the service stopped). Restarting the service doesn't work. I can't find any logs associated with the dhcpv6 service to get any information about what may be happening.

The second issue (and it maybe related) is a little more complicated. I have a VLAN associated with the same port as my LAN which I use for guest wifi. The Unifi AP tags the packets for the guestwifi with the VLAN id. It works great on ipv4 but with ipv6 something is leaking. My laptop which connects to my LAN wifi (not the guest) ends up getting 4 ipv6 addresses; two for the LAN network (which my laptop connects to over non guest wifi) but also 2 ipv6 addresses for the guest network even though it's not connected to the guest wifi.

Any ideas what is going on or what I can do to start debugging?

Thanks

11

18.1 Legacy Series / Re: The same DHCP pool on different interface

« on: July 08, 2018, 01:56:54 am »

I think what you want to do is create a bridge from the two interfaces and then assign the new bridge interface to your network. The DHCP pool for the bridge will go across the two interfaces

12

18.1 Legacy Series / Re: connection to a nonserving port on localhost

« on: July 08, 2018, 01:25:59 am »

My guess is you would need to add a rule to firewall to allow the connection.

13

18.1 Legacy Series / Re: How to start the installer script from the DVD iso image?

« on: June 22, 2018, 01:34:13 am »

Can you make the text blink?

"LOGIN AS 'installer' TO INSTALL OPNSENSE"

If it's bright/bold and blinking and they still can't figure it out then idk.

14

18.7 Legacy Series / Re: OpenVPN client

« on: June 21, 2018, 04:50:28 am »

Here are the rules that I have

root@opnsense:~ # pfctl -s nat | grep open
nat on openvpn inet all -> (openvpn:0) port 1024:65535 round-robin
rdr on openvpn inet proto tcp from any to (xn0) port = ssh -> 192.168.8.33 port 22
rdr on openvpn inet proto udp from any to (xn0) port = 3478 -> 192.168.7.1 port 3478

The last two are automatic generated rules. The screenshot shows my rule in the web interface.

15

18.1 Legacy Series / Re: [SOLVED]OPNsense installed but no ipv4 internet for home network

« on: June 15, 2018, 06:23:03 am »

You may need to add firewall rules to allow LAN access to the internet.