Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - amichel

Pages1 2 3 ... 6
#1
25.1, 25.4 Production Series / Re: Update to 25.1.2 broke Postfix
February 28, 2025, 10:10:09 PM
I think someone from the team already fixed that.
I just searched for updates and there is a new Postfix release available.
Updated it --> all is fine.

Thank you!
#2
25.1, 25.4 Production Series / [SOLVED:] Update to 25.1.2 broke Postfix
February 28, 2025, 09:51:11 PM
After the upgrade to 25.1.2 postfix does not start anymore.

In the Log I only see:

28cafc05-69bf-4067-8fa6-be5124013484] Script action failed with Command 'postmap /usr/local/etc/postfix/transport ' returned non-zero exit status 1. at Traceback (most recent call last): File "/usr/local/opnsense/service/modules/actions/script_output.py", line 78, in execute subprocess.check_call(script_command, env=self.config_environment, shell=True, File "/usr/local/lib/python3.11/subprocess.py", line 413, in check_call raise CalledProcessError(retcode, cmd) subprocess.CalledProcessError: Command 'postmap /usr/local/etc/postfix/transport ' returned non-zero exit status 1.


Any help is appreiciated.
#3
Zenarmor (Sensei) / Re: Important Announcement for Zenarmor Users
January 31, 2025, 03:47:56 PM
Quote from: rudiservo on January 31, 2025, 01:00:31 PMIs it safe for those that have external DB?

I can only share that for me, using an external elastic database it works without problems. But I have to admit I am a home user and I can rebuild the box easily (proxmox snapshot).
So in case you use opnsense on a business relevant machine I would recommend waiting for an official announcement.
#4
25.1, 25.4 Production Series / Re: Zenarmor no longer works...
January 31, 2025, 09:52:16 AM
For me it worked after the upgrade.
My setup is using a remote elastichsearch database and upgrading Opnsense did not defunctionalize zenarmour.
#5
24.7, 24.10 Legacy Series / Re: FIXED: After Applying 24.7.4_1 IPSec fails to initiate Phase 2
September 16, 2024, 04:20:18 PM
Fixed it by choosing an encryption protocol instead of setting the encryption to default
#6
24.7, 24.10 Legacy Series / FIXED: After Applying 24.7.4_1 IPSec fails to initiate Phase 2
September 16, 2024, 03:51:37 PM
Hi,
after applying the hotfix 24.7.4_1 on my two Opnsense boxes during the IpSec negotiation I see the error:
Code Select

"parsed IKE_SA_INIT response 0 [ N(NO_PROP) ]"
received NO_PROPOSAL_CHOSEN notify error

Any ideas if there is some conection to the update?
#7
24.7, 24.10 Legacy Series / Re: Can't install new certificate
August 06, 2024, 11:18:50 PM
I had exactly the same issue with a digicert certificate. When I imported it it showed up as self signed, although the Digicert issuein CA is my Authorities store.
After some try and error this is how I solved it:

  • Import the certificate it will show up as self signed.
  • Edit the certificate make sure the action is is set to "Reissue and Replace certificate and make sure you select the correct CA
  • Click Save --> You will get an error
  • Change the Action to "Create a certificate Signing Request" and Save. You should now see the certificate with the correct CA
  • Click on edit and select "Import Certificate (Signed by CA) it should be the only option
  • Save it.

After this you should see the certificate with the correct CA assigned.
#8
Zenarmor (Sensei) / Re: Devices detecting the same devices over and over.
February 20, 2024, 06:44:38 PM
Not all of them.
Some are servers, some are mobiles. Some are VM's and some are physical
#9
Zenarmor (Sensei) / Devices detecting the same devices over and over.
February 02, 2024, 09:25:15 PM
When I review my setup, I see the same devices being "discovered" as new devices over and over again although the devices themselves remain the same. It might be that the IP Address is changing but in an environment with DHCP that should be expected.
Is there any intention to make this more reliable?
At the moment it is impossible to create a Policy to block untrusted devices and assume all new devices are untrusted.
#10
23.7 Legacy Series / Re: Unable to Update from 23.7.6 to 23.7.10_1 - gettext-runtime.mo:Invalid argument
January 13, 2024, 12:42:26 AM
Hi,
I am just guessing but looking at the error, could it be that for some reason you switched to the business tree in Firmware settings and simply do not have a business license?
#11
Zenarmor (Sensei) / Re: Zenarmour 1.16 stale Devices delete
January 08, 2024, 08:14:06 PM
Thank you IHK
#12
Zenarmor (Sensei) / Re: Zenarmour 1.16 stale Devices delete
December 25, 2023, 08:21:52 PM
Thank you,
I am aware about that, what I am interested in is if there is an automatism removing all devices which are offline for more than x days.
Question is if that is/will be implemented.
#13
Zenarmor (Sensei) / Zenarmour 1.16 stale Devices delete
December 25, 2023, 10:54:47 AM
I see that Zenarmour is adding devices more than once. This could be because of changing MAC addresses for example in Windows and Android.
Is there an automatically cleanup process implemented that removes sale devices, or is the only option to delete them one by one?
#14
German - Deutsch / Re: Kein Internet-Zugriff möglich (LAN -> WAN)
October 20, 2023, 04:33:02 PM
Was genau geht denn nicht?
Mir fällt nur auf, dass Deine WAN IP ja auch aus einem 192.168.x.x Netz ist, das sind ja die Private Netze und da gibt es soweit ich weiß ja am WAN Port eine Regel die automatisch alle privaten Netze blockt. Und wenn jetzt vor Deiner OPnsene noch ein  router steht der natted, dann hat der auch eine IP aus dem 192.168.10.x Netz und die Opnsense blockt dann diesen, und die Antwort aus dem Internet wird gedropped.
#15
23.7 Legacy Series / Re: Randomly Crashes
October 20, 2023, 04:05:00 PM
If it still crashes after applying a backup, it probably has other reasons. Could it be that there is a hardware issue (defective disk, RAM, CPU)?
Pages1 2 3 ... 6