Messages

Thank you.
Ended up just to copy from /mnt2 to /conf and reboot.

Found config.xml under /mnt2
How do I get it out and import it?

root@OPNsense:~ # zfs list
NAME                 USED  AVAIL  REFER  MOUNTPOINT
fix                 1.27G  98.5G    96K  /mnt/fix/zroot
fix/ROOT            1.24G  98.5G    96K  none
fix/ROOT/default    1.24G  98.5G  1.24G  /mnt/fix
fix/home              96K  98.5G    96K  /mnt/fix/home
fix/tmp             1.84M  98.5G  1.84M  /mnt/fix/tmp
fix/usr              288K  98.5G    96K  /mnt/fix/usr
fix/usr/ports         96K  98.5G    96K  /mnt/fix/usr/ports
fix/usr/src           96K  98.5G    96K  /mnt/fix/usr/src
fix/var             6.73M  98.5G    96K  /mnt/fix/var
fix/var/audit         96K  98.5G    96K  /mnt/fix/var/audit
fix/var/crash         96K  98.5G    96K  /mnt/fix/var/crash
fix/var/log         6.26M  98.5G  6.26M  /mnt/fix/var/log
fix/var/mail          96K  98.5G    96K  /mnt/fix/var/mail
fix/var/tmp           96K  98.5G    96K  /mnt/fix/var/tmp
zroot               1.12G  98.7G    96K  /zroot
zroot/ROOT          1.11G  98.7G    96K  none
zroot/ROOT/default  1.11G  98.7G  1.11G  /
zroot/home            96K  98.7G    96K  /home
zroot/tmp           1.49M  98.7G  1.49M  /tmp
zroot/usr            288K  98.7G    96K  /usr
zroot/usr/ports       96K  98.7G    96K  /usr/ports
zroot/usr/src         96K  98.7G    96K  /usr/src
zroot/var           1.74M  98.7G    96K  /var
zroot/var/audit       96K  98.7G    96K  /var/audit
zroot/var/crash       96K  98.7G    96K  /var/crash
zroot/var/log       1.27M  98.7G  1.27M  /var/log
zroot/var/mail        96K  98.7G    96K  /var/mail
zroot/var/tmp         96K  98.7G    96K  /var/tmp


root@OPNsense:~ # cd /mnt/fix/
root@OPNsense:/mnt/fix # ls -la
total 20
drwxr-xr-x  7 root wheel  7 May 13 09:58 .
drwxr-xr-x  8 root wheel  8 May 13 09:58 ..
drwxr-xr-x  2 root wheel  2 Jan  6 11:37 home
drwxrwxrwt  5 root wheel 21 Mar 26 04:29 tmp
drwxr-xr-x  4 root wheel  4 May 13 09:58 usr
drwxr-xr-x  7 root wheel  7 May 13 09:58 var
drwxr-xr-x  2 root wheel  2 Jan  6 11:52 zroot

Where do I find config.xml from crashed disk?
When I mount zpool I see no /config folder

Which line do you add?

Have anyone tried the "new" OpenVPN Windows client with combined password and OTP prompt?

Saw this in OpenVPN client setting: "Prompt for OTP and combine with password"

When using OpenVPN instance with DCO I get this in log:

dco_update_peer_stat: invalid peer ID 1 returned by kernel

Looks like at bug if I search internet.

Would it be possible to use aliases to define local and remote subnets in IPSEC connections setup?

I'll try that next week.

Where in the GUI should I use it?

PSK definition or Remote Identity in Connection setup?

Can I use DNS type then in the GUI of the new IPSEC?

"If the value has the form <type>:<value> (supported since version 5.2.2), the type and value are explicitly specified:

The following types are known: ipv4, ipv6, ipv4net, ipv6net, ipv4range, ipv6range, rfc822, email, userfqdn, fqdn, dns, asn1dn, asn1gn and keyid. Custom type prefixes may be specified by surrounding the numerical type value with curly brackets."

I need it to resolv the hostname from Remote Endpolint and use IP as Remote Identity. Thats how it worked before. I don't see how I can do that now. If I put the hostname in Remote Authentication it does not resolv it and use the IP.

How do I configure IPSEC in the new connections with remote endpoint as hostname and Identities as IP addresses?

In the old config I just put hostname in Remote Endpoint and setup PSK and setup Identities to My IP and Remote IP.

How do I configure that in the new IPSEC PSK setup?

ok, I have not tried to find it in IPSEC new connections before now. Only in legacy IPSEC. I'll update to DH14 I think.

ok,

Is aes256-sha256-modp1024[DH2] / AES (256 bits) + SHA256 + DH Group 2 not an option with the new connection proposals. I'm having one IPSEC IKEv1 using it.

It does work now :)