Messages

So Dnsmasq is still running but not responding?

It works when running, but is stopped without notification three times, causing trouble. I turned it off and am back to ISC DHCP witch never fails.

dmesg says nothing about dnsmasq! no segfaults shown

Got any weird settings on like strict interface binding (dnsmasq general settings, advanced)? If interfaces drop out I can imagine dnsmasq not liking that.

No it is very straight forward. Activated on LAN only. Nothing extra. Just a simple DHCP span from 101 to 200. about ten fixed addresses. DNS via Unbound as suggested.

I went away two days, when I come home DNSmasq has stopped again. So I gove a fixed address to my iMac, start Dnsmasq again. Tomorrow I'll activate KEA instead

I've switched from ISC DHCP to dnsmasq a few weeks ago. Followed the instructions thoroughly, and all seems to work fine. But twice since the switch the dnsmasq service has just stopped witch of course leads to clients not getting their IP-addresses.

After manually giving my main work computer a fixed address, I can connect with OPNsense server and start the service again. I see nothing in the logs.

Sorry for the spamming. Turns out it had to do with my DNS name provider. Just happened to coincide with the upgrade.

I don't know if it has something with the update to do, but after upgrading to 24.7.12 my (since long time working) client OpnSense server can no longer connect to the main site.I see lots of these messages in the log

2025-01-23T15:38:11   Notice   openvpn_server1   MANAGEMENT: Client disconnected   
2025-01-23T15:38:11   Notice   openvpn_server1   MANAGEMENT: CMD 'state'   
2025-01-23T15:38:11   Notice   openvpn_server1   MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock   
2025-01-23T15:38:11   Notice   openvpn_server1   MANAGEMENT: Client disconnected   
2025-01-23T15:38:11   Notice   openvpn_server1   MANAGEMENT: CMD 'status 3'   
2025-01-23T15:38:11   Notice   openvpn_server1   MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock   
2025-01-23T15:38:01   Notice   openvpn_server1   MANAGEMENT: Client disconnected   
2025-01-23T15:38:01   Notice   openvpn_server1   MANAGEMENT: CMD 'state'

I had a hard time to get it working, until I started using the "peer generator" By using that, and let the clients read the generated QR-code. The everything works nicely

The ssh keys are stored in .ssh directory in your home directory. Look at man ssh

And the question then. How do I configure interface #2?

The same way you did #1 ... except use a different value for "Assign prefix ID"

At last I understood how. Thank You!

You need also ti track WAN interface IP for the other networks. Only make sure to use another identifier for each network. Default is 0, then use 1 and 2 for the other networks.

Default is LAN OPT1 OPT etc, so how do you mean I should do?

A single interface always gets a /64, so you can in fact have up to 256 interfaces with that /56 from your ISP.

And the question then. How do I configure interface #2?

On my home network, I have requested a /56 from my ISP. It is easy to get ipv6 on the LAN interface via track interface, but how can I get ipv6 to the other two internal interfaces on the firewall?

Gunnar

Can be but I am not suggesting that setup.
AdGH does only ad blocking with lists. Other lists can also be added.
Then it uses Unbound as upstream resolver.
client -> AdGH -> Unbound -> Root servers (or others if you prefer)

OK! So I let adGH use port 53 and then AdGH asks Unbound on another port. Witch mean I don't have to change clients, since they already uses OpnSense(aka Unbound) as resolver.

My suggestion for OPN: don't use them and Unbound will be 100% solid. Instead use them in AdGuardHome on OPNSense. Straight forward installation. Add a repo, get an update of packages with the new repo, install and configure with a couple of clicks. Then add the lists on AdGH. And you get additional functionality too.

Do I understand this right, that AdGuardHome takes over as resolver? Unbound unneeded?

As in Topic. OpenVPN widget gives correct data on the client Dashboard, but on the server side it says

OpenVPN Client Connections
Server SSL VPN mot Ornoweather
No clients connected

Small but annoying error