Messages

Hello,

I understand that OPNSense is FreeBSD under the hood (or bonnet if you prefer). What I'm not sure about is this. I would like to make a number of custom changes to the OS, for example placing a script here, adding a cron job there, maybe even adding an extra user or two.

My question is: will changes such as these be retained across minor/major version upgrades as long as I don't do a fresh re-install?

Everything I've seen about how the system is set up points to yes, but I thought I would try to get clarification before doing anything drastic.

(Note that I am not asking about API or any other kind of software compatibility with OPNsense itself. I understand those are always subject to change.)

I forgot to mention that I am running 22.1.10 and the plugin says it is version 3.11

Hello,

I installed the ACME Client plugin today and I _think_ I performed all the necessary steps to set it up but it doesn't look like anything is happening.

• I am using Let's Encrypt for the certificate provider
• I am using the DNS validation with Cloudflare

I followed the instructions in the Quick Start Guide:

• the plugin is enabled
• I created an account for Let's Encrypt (the account shows as "OK (registered)"
• I added a DNS-01 challenge type using CloudFlare.com API and entered my CF Account ID and CF API Token
• I then added a certificate (with the FQDN as the CN) with the ACME account set to the Let's Encrypt account, the challenge type set to the Cloudflare challenge

The Certificates tab shows for this certificate:

• Enabled: yes
• Issue/Renewal Date: pending
• Last ACME Status: unknown
• Last ACME Run: unknown

I also added a cron job to renew the cert every 2 months but I don't think that is affecting anything.

I tried pushing the "Run automations" button but that didn't change anything.

The system log only contains an error about cron (this happened prior to setting anything up) and a line saying "AcmeClient: account registration successful for letsencrypt". The ACME Log tab is completely empty.

Any suggestions on what I can do or check?

Thanks,
Charles

Hi all!

Long story short, I got tired of the firewall/router limitations of my overpriced ASUS wifi black box and bought an APU2 board and enclosure to run OPNSense on. Everything has been going great so far, so kudos to all who donate their time to this project.

I have a question, though. I have a pretty typical setup here, one WAN interface and one LAN interface. My ISP is comcast. Under Services -> Router Advertisements -> [LAN], the first select box labeled "Router Advertisements" has a value of "Disabled". This appears to be the default since I never touched this setting. However, IPv6 is working just fine on the LAN. radvd is running on the box and the contents of radvd.conf look accurate and sane.

Is this a UI bug, or am I not understanding what this RA service is for?

EDIT: Also, if it matters, DHCPv6 is not enabled on the LAN.