"
Looks like an automation rule is not recognized. When you take a look at the automation rules is there one defined for the sftp upload? Has that eventually been removed?
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
#2
25.7, 25.10 Series / Re: some automation deletes ldaps synct users from opnsense
September 26, 2025, 01:50:08 PM
Did you verify the AD replication? Might be that there are some lingering objects and users exist on one DC but not on the other.
#3
25.7, 25.10 Series / Re: Easy method for forcing renewal of the public IP? - Suggestion of a button
September 18, 2025, 09:27:53 AM
I am using a low level option. Have a 5G connection with the ISP Modem in bridge mode. I am using a WLAN Power plug with Tasmota and can then programmatically send a web request to it to turn the Modem on and off (had to refer to IT Crowd) and then get a new IP.
#4
25.7, 25.10 Series / Re: HTTP, HTTPS, FTP-OPNProxy for in-house Web Server - Free version of OPNsense
September 18, 2025, 08:59:29 AM
In case you do not want to change the Port the firewall is listening.
I created a VIP (10.1.1.1) and since the FW website should not be available on the WAN I redirected Port 443 on the WAN side to the VIP on Port 40443 (or any other port).
Then all you need to do is to configure the reverse proxy (I use Nginx) to listen on 10.1.1.1:40443 and proxy the bits back to the Webserver in the LAN on Port 443.
This https://github.com/opnsense/plugins/issues/722
redirected me to my solution
I created a VIP (10.1.1.1) and since the FW website should not be available on the WAN I redirected Port 443 on the WAN side to the VIP on Port 40443 (or any other port).
Then all you need to do is to configure the reverse proxy (I use Nginx) to listen on 10.1.1.1:40443 and proxy the bits back to the Webserver in the LAN on Port 443.
This https://github.com/opnsense/plugins/issues/722
redirected me to my solution
#5
Virtual private networks / Re: [Help] OPNsense WireGuard on Proxmox – packets arrive but no handshake
September 17, 2025, 04:24:31 PM
Just an Idea,
did you create a rule to allow traffic go through the interface? IIRC per default there isn't any so all traffic will be blocked.
https://docs.opnsense.org/manual/how-tos/wireguard-client.html
did you create a rule to allow traffic go through the interface? IIRC per default there isn't any so all traffic will be blocked.
https://docs.opnsense.org/manual/how-tos/wireguard-client.html
#6
25.1, 25.4 Legacy Series / Re: Major issues after upgrade from 25.1.10 to 25.1.11
July 18, 2025, 01:01:03 PM
In case you run Opnsense on ZFS you could simply create a snapshot of the system before upgrading. Then you should be able to revert to the previous config easily.
I do that and additionally since my Opnsense runs on top of a Proxmox machine I use the backup feature of Proxmox to backup and recover.
I do that and additionally since my Opnsense runs on top of a Proxmox machine I use the backup feature of Proxmox to backup and recover.
#7
25.1, 25.4 Legacy Series / Re: 25.1.11 Upgrade breaks DNS resolution with KEA DHC IPv4
July 17, 2025, 02:27:55 PM
I am aware, but fact is that until the upgrade it worked out of the box assigning to the clients the KEA assigned IP as GW and DNS server. And Unbound in my case was listening on those interfaces.
This was then not working after the upgrade.
However I tried the upgrade again and it works now.
Thanks for the help.
This was then not working after the upgrade.
However I tried the upgrade again and it works now.
Thanks for the help.
#8
25.1, 25.4 Legacy Series / [SOLVED] 25.1.11 Upgrade breaks DNS resolution with KEA DHC IPv4
July 17, 2025, 02:07:53 PM
After Upgrading to 25.1.11 I realized that Kea DHCP Server still assigns IP Adresses, but DNS is no longer available. I did not add any extra DHCP options so the Gatway and the DNS Server is the IPadress assigned to the KEA interface on that specific VLAN.
Could not test any further as I need the environment up and running and decided to revert the snapshot.
Anyone had similar experiences?
Andreas
Could not test any further as I need the environment up and running and decided to revert the snapshot.
Anyone had similar experiences?
Andreas
#9
25.1, 25.4 Legacy Series / Re: Issue while configuring IPSec tunnels with NAT
May 28, 2025, 12:21:17 PM
Hi,
just to be on the safe side, did you create rules to allow the traffic between the nets? Per default IIRC the firewall will block al traffic.
just to be on the safe side, did you create rules to allow the traffic between the nets? Per default IIRC the firewall will block al traffic.
#10
25.1, 25.4 Legacy Series / Re: Update to 25.1.2 broke Postfix
February 28, 2025, 10:10:09 PM
I think someone from the team already fixed that.
I just searched for updates and there is a new Postfix release available.
Updated it --> all is fine.
Thank you!
I just searched for updates and there is a new Postfix release available.
Updated it --> all is fine.
Thank you!
#11
25.1, 25.4 Legacy Series / [SOLVED:] Update to 25.1.2 broke Postfix
February 28, 2025, 09:51:11 PM
After the upgrade to 25.1.2 postfix does not start anymore.
In the Log I only see:
28cafc05-69bf-4067-8fa6-be5124013484] Script action failed with Command 'postmap /usr/local/etc/postfix/transport ' returned non-zero exit status 1. at Traceback (most recent call last): File "/usr/local/opnsense/service/modules/actions/script_output.py", line 78, in execute subprocess.check_call(script_command, env=self.config_environment, shell=True, File "/usr/local/lib/python3.11/subprocess.py", line 413, in check_call raise CalledProcessError(retcode, cmd) subprocess.CalledProcessError: Command 'postmap /usr/local/etc/postfix/transport ' returned non-zero exit status 1.
Any help is appreiciated.
In the Log I only see:
28cafc05-69bf-4067-8fa6-be5124013484] Script action failed with Command 'postmap /usr/local/etc/postfix/transport ' returned non-zero exit status 1. at Traceback (most recent call last): File "/usr/local/opnsense/service/modules/actions/script_output.py", line 78, in execute subprocess.check_call(script_command, env=self.config_environment, shell=True, File "/usr/local/lib/python3.11/subprocess.py", line 413, in check_call raise CalledProcessError(retcode, cmd) subprocess.CalledProcessError: Command 'postmap /usr/local/etc/postfix/transport ' returned non-zero exit status 1.
Any help is appreiciated.
#12
Zenarmor (Sensei) / Re: Important Announcement for Zenarmor Users
January 31, 2025, 03:47:56 PMQuote from: rudiservo on January 31, 2025, 01:00:31 PMIs it safe for those that have external DB?
I can only share that for me, using an external elastic database it works without problems. But I have to admit I am a home user and I can rebuild the box easily (proxmox snapshot).
So in case you use opnsense on a business relevant machine I would recommend waiting for an official announcement.
#13
25.1, 25.4 Legacy Series / Re: Zenarmor no longer works...
January 31, 2025, 09:52:16 AM
For me it worked after the upgrade.
My setup is using a remote elastichsearch database and upgrading Opnsense did not defunctionalize zenarmour.
My setup is using a remote elastichsearch database and upgrading Opnsense did not defunctionalize zenarmour.
#14
24.7, 24.10 Legacy Series / Re: FIXED: After Applying 24.7.4_1 IPSec fails to initiate Phase 2
September 16, 2024, 04:20:18 PM
Fixed it by choosing an encryption protocol instead of setting the encryption to default
#15
24.7, 24.10 Legacy Series / FIXED: After Applying 24.7.4_1 IPSec fails to initiate Phase 2
September 16, 2024, 03:51:37 PM
Hi,
after applying the hotfix 24.7.4_1 on my two Opnsense boxes during the IpSec negotiation I see the error:
Any ideas if there is some conection to the update?
after applying the hotfix 24.7.4_1 on my two Opnsense boxes during the IpSec negotiation I see the error:
Code Select
"parsed IKE_SA_INIT response 0 [ N(NO_PROP) ]"
received NO_PROPOSAL_CHOSEN notify errorAny ideas if there is some conection to the update?
