Messages

HI

    I want to use the plugin "Fetchmail", when I setup mailbox in fingerprint, it always show＂text validation error＂　and could't save. what's wrong? 

    I get the ssl fingerprint use below command, Is it any problem?

openssl s_client -connect $SERVER:$PORT -showcerts | openssl x509 -fingerprint -noout -md5

MD5 Fingerprint=35:20:B2:05:B8:AF:B4:7A:FB:77:A0:4D:D1:86:75:61

I also need it, can someone help to include on plingin "ddns"?

Thanks. I can use opnsense WEB GUI normally, I change to chrome 89.0.4385.0, and all funtions look like fine.

The erroe message is like below

ncaught TypeError: string.replaceAll is not a function  tokenize2.js?v=d518ea4e6f99547a:1033
    at Tokenize2.escape (tokenize2.js?v=d518ea4e6f99547a:1033)
    at Tokenize2.dropdownAddItem (tokenize2.js?v=d518ea4e6f99547a:847)
    at Tokenize2.<anonymous> (tokenize2.js?v=d518ea4e6f99547a:121)
    at HTMLSelectElement.i (jquery-3.5.1.min.js:2)
    at HTMLSelectElement.dispatch (jquery-3.5.1.min.js:2)
    at HTMLSelectElement.v.handle (jquery-3.5.1.min.js:2)
    at Object.trigger (jquery-3.5.1.min.js:2)
    at HTMLSelectElement.<anonymous> (jquery-3.5.1.min.js:2)
    at Function.each (jquery-3.5.1.min.js:2)
    at S.fn.init.each (jquery-3.5.1.min.js:2)

my brower is chrome 84.0.4147.125

When I upgrade opensense to 21.1 , The Aliases has a problem. old rules still display, but I can't edit it and can't add new rule.(click + , no respond)

OK, I see, thanks.

In our company, we use AD account to login all systems, not just openvpn service.  The openvpn service is not provided for all users. Sometimes is temporary (ex. one month or two month) for special user.  So I think disable the accounts from AD server is not friendly way in production.

Now I use "VPN: OpenVPN: Client Specific Overrides" to define everyone's account to control login status, it can control openvpn login and don't need to disable account in AD server.

HI Sirs,

     Is any possible to use IPSEC Vti mode (route based) by one site public IP and the other site PPPoe WAN IP(or dymanic IP)? 
     I tried the setup for the two site both public IP is OK, but when I change the one site public IP and the other site PPPoe WAN IP is failed. The IPSEC status was green, but the two site network could't be connected

I think this setting is not helpful to sovle my issus. Because when the primary WAN disconect to change to backup line, the openvpn connection is look like good always, but it will not have good quality between different ISP(loss packages).Use the setting "persist-tun" will not restore original connection(the same ISP connection).

Our openvpn auth uses remote AD server, So I need to disable the account from my AD server , not just disable account on opnsense, right?

So this means, If i want to block user to connect openvpn, I must disable account from opnsense and AD server?
I can't just disable account on opnsense? It's not smart I think.  :-X 

no guest account enabled in our AD server(win2003), and the AD account(sync from AD server) was disabled in opnsense. But still can login openvpn service now.

Dear Sirs,

     The opnsense users can import from AD server, and I use these accounts for openvpn client, they can login openvpn service OK, but when they were disabled, they can still login openvpn service successfully, so is it normally?  (th local accounts is OK)

[detect the line survival to reconnect to better ISP]

Hi sir,

    Our company use openvpn server with three WAN lines(different ISP provide[china telecom,china mobile,unicom]) to provide VPN service for each branch offices.
    The branch office use openvpn client service to connect to server with two WAN lines(Unicom,China telecom).
    But sometimes the network quility is not good, and the client will connect to wrong WAN line then the openvpn connection will lose packages(different ISP's connection is not always good in china).
    If the opnsense can build a funtion to detect the line survival to reconnect to better ISP in openvpn , or can provide a cron rule to restart openvpn client service automatically for user define, thanks.

For example,

     headquarter have three WAN Lines to provide openvpn service:

     1. china telecom ==> 192.168.1.1
     2. unicom telecom ==> 192.168.2.1
     3  china mobile ==> 192.168.3.1

     
     branch office have two WAN lines to connect to headquarter:

     1. china telecom ==>  192.168.1.2
     2. unicom telecom ==> 192.168.2.2

     branch office defaule setup  is use 192.168.2.2 to connect to 192.168.2.1 (the same ISP network, the quality is the best)
     but when unicom telecom network quality is abnormal, it will change to use 192.168.1.2 to connect to 192.168.2.1 (different ISP network), and the connection quality will not good.   

       

I am using a samsung evo 950 ssd m.2.

1. Did you already deal with the bios?. maybe there is something not optimally set.
2. Have you ever tried to reinstall the smart widget?
3. Lastest firmware? https://www.supermicro.com/products/motherboard/atom/A2SDi-4C-HLN4F.cfm

I have the same issue. My disk is samsung 970 evo plus NVMe M.2 250G, when I install smart tools, it also shows that no SMART device is found.

I guess the problem is the device ID different. The SATA type will be ada0, but NVMe type will be nvme0, so I used command "  /usr/local/sbin/smartctl -a /dev/nvme0" , it will show smart information normally. So I hope the web GUI can fixd this issue in the future thanks.

I'd guess not every APC UPS supports the apcsmart driver. The whole nut-tools software is quite a mess, so I'd rather be happy if it just works :)

Thanks a lot.

And I have another question, Can we setup the parameter with Nut by ourself to control the opnsense shutdown when lost power in the future?