Messages

Sorry for the spamming. Turns out it had to do with my DNS name provider. Just happened to coincide with the upgrade.

I don't know if it has something with the update to do, but after upgrading to 24.7.12 my (since long time working) client OpnSense server can no longer connect to the main site.I see lots of these messages in the log

2025-01-23T15:38:11   Notice   openvpn_server1   MANAGEMENT: Client disconnected   
2025-01-23T15:38:11   Notice   openvpn_server1   MANAGEMENT: CMD 'state'   
2025-01-23T15:38:11   Notice   openvpn_server1   MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock   
2025-01-23T15:38:11   Notice   openvpn_server1   MANAGEMENT: Client disconnected   
2025-01-23T15:38:11   Notice   openvpn_server1   MANAGEMENT: CMD 'status 3'   
2025-01-23T15:38:11   Notice   openvpn_server1   MANAGEMENT: Client connected from /var/etc/openvpn/server1.sock   
2025-01-23T15:38:01   Notice   openvpn_server1   MANAGEMENT: Client disconnected   
2025-01-23T15:38:01   Notice   openvpn_server1   MANAGEMENT: CMD 'state'

I had a hard time to get it working, until I started using the "peer generator" By using that, and let the clients read the generated QR-code. The everything works nicely

The ssh keys are stored in .ssh directory in your home directory. Look at man ssh

And the question then. How do I configure interface #2?

The same way you did #1 ... except use a different value for "Assign prefix ID"

At last I understood how. Thank You!

You need also ti track WAN interface IP for the other networks. Only make sure to use another identifier for each network. Default is 0, then use 1 and 2 for the other networks.

Default is LAN OPT1 OPT etc, so how do you mean I should do?

A single interface always gets a /64, so you can in fact have up to 256 interfaces with that /56 from your ISP.

And the question then. How do I configure interface #2?

On my home network, I have requested a /56 from my ISP. It is easy to get ipv6 on the LAN interface via track interface, but how can I get ipv6 to the other two internal interfaces on the firewall?

Gunnar

Can be but I am not suggesting that setup.
AdGH does only ad blocking with lists. Other lists can also be added.
Then it uses Unbound as upstream resolver.
client -> AdGH -> Unbound -> Root servers (or others if you prefer)

OK! So I let adGH use port 53 and then AdGH asks Unbound on another port. Witch mean I don't have to change clients, since they already uses OpnSense(aka Unbound) as resolver.

My suggestion for OPN: don't use them and Unbound will be 100% solid. Instead use them in AdGuardHome on OPNSense. Straight forward installation. Add a repo, get an update of packages with the new repo, install and configure with a couple of clicks. Then add the lists on AdGH. And you get additional functionality too.

Do I understand this right, that AdGuardHome takes over as resolver? Unbound unneeded?

As in Topic. OpenVPN widget gives correct data on the client Dashboard, but on the server side it says

OpenVPN Client Connections
Server SSL VPN mot Ornoweather
No clients connected

Small but annoying error

doesn't give anything. Assigned DHCPP6 address still not shown

With the old dashboard, looking at interfaces I could see both DHCP address for ipv4 and ipv6 on the WAN interface. With the new dashboard only the address for ipv4 is visible. I still get an dhcp6 ipv6 address though. So it is more cosmetics

Seems it is replaced - or always was - by FreeIPMI:

Code Select Expand

root@opnsense:~ # ipmi-sensors


:-[ I don't seem to find that either. Sorry!

Is ipmitools in plugins? I can't find it