Messages - Pfirepfox

#1
Correct, DHCP pool starts at 192.168.51.20 --> 192.168.51.60, with all static leases within 192.168.51.2 --> 192.168.51.6
#2
DHCP is configured using the default OPNsense settings. I have set static IPs but I can't imagine that those would cause any issues. DHCP works fine on the LAN but on Camera it appears to be the issue. I haven't changed any settings apart from enabling DHCP on the Camera network as well as the static IPs.

I don't think it is hardware; as I have stated before, I have rotated ports, cables, as well as the PoE switch.
#3
Yeah that makes sense regarding the firewall rules.
I don't think it is physical as I have tried other ports on the OPNsense device (I have two free) as well as many cables. I have also replaced the PoE switch, all with the same result.

Each time it happens it is only the camera network that goes down, with the LAN behaving as normal. It is like the DHCP requests are not being served after a period of time, as each time I check, the leases are expired. I have checked all the logs I can think of but nothing appears to be the cause from what I can find. I am sure it is in there though.

Does OPNsense have a sleep function or something?
#4
Please see the attached. Everything is default apart from the two firewall rules allowing LAN --> Camera and Camera --> LAN
#5
Thanks for the reply, I am really stuck here. Sorry for the late reply, I have been on a work trip.

Since getting back I have reset OPNsense to a bare bones installation (Reinstall) and configured only the most basic settings via the terminal setup (WAN, LAN, and my Camera Network). I ported over the most critical settings, being the static DHCP settings, to ensure all the connections are still valid; however, it dropped again :/

Correct, the rule does not need to be there, but I was lost as to why it was not working so was trying everything. In the bare bones setup I have now, I have no firewall rules, IPS/IDS, etc. which can interfere, yet it still occurs.

I don't believe I had any power options enabled, as my reinstall would have removed the ones I had anyway.

For dmesg, what are you referring to here?

On the firewall logs I can see my traffic is allowed to the Camera network, but I never see anything else return. I must admit I am pretty perplexed by this, as I could imagine I had a weird setting turned on I forgot about initially, but the fact it continues to drop after the most basic setup is crazy. I have also gone through 3 downstream switches and several cables to try and resolve this. I think the bug is with OPNsense itself?
#6
I have narrowed this down to the DHCP service, as I migrated the entire setup under my standard LAN network and it also dropped after 12-24 hours even though all other devices on the LAN network remained unaffected. When I checked on the status, no DHCP lease was active for the security cameras and NVR even though I configured them as static entries.

Can anyone think of why DHCP for certain devices is not working while other devices on the same network are? The only common denominator is the PoE switch which powers the devices; however, I have already replaced it once before. It is the same type though, so I wonder if this type has an issue, or maybe the batch? But that seems unlikely...
#7
I have been investigating further and still cannot find an issue with my configuration. I have essentially followed the Setup Guest Guide here: https://docs.opnsense.org/manual/how-tos/guestnet.html#step-1-configure-interface, but rather than block rules, I added allow rules.

I can see the appropriate firewall rule is being hit on the LAN side but no response from the camera network. I'm really not sure what is going on here, as everything works initially and then drops after a period of time. I think it is something to do with DHCP, as whenever it drops I don't see an active lease for the camera network (192.168.51.1/24).
#8
Hi All,

I have been using OPNsense for ages in a pretty basic manner with just two interfaces being assigned (WAN & LAN) and a handful of services to up the security (Unbound, IPS, GeoBlocking, and some ACLs), with everything working great. However, recently I added a few security cameras to my house and for security wanted to place this on a new physical interface of my OPNsense device rather than it being a VLAN (my device has 4 ports so it seemed better to just create a new interface rather than mess around with VLANs).

The new interface and network has been assigned and it is a direct replica of my LAN, just with a different subnet. I configured some basic rules such as the below:

  • No WAN traffic on camera network
  • Camera network to camera network allow all (For the NVR + NAS)
  • Camera network to LAN allow all (So the cameras and NVR are accessible by other devices)
  • LAN to Camera network allow all (as per above)

NAT is default with nothing special in it.

This is where it gets a bit weird: everything works as expected for around 12 to 24 hours, but then everything on the Camera network becomes unavailable with no apparent reason (to me anyway). I have changed the downstream switch (just for the Camera Network), all Ethernet cables, and also tried the 4th port on my OPNsense device; however, the issue persists.

I have also looked at IPS, local DHCP, Firewall rules, and Unbound but haven't found any logs which may indicate something is incorrect, as on boot everything works correctly. Restarting the network devices brings everything back up without an issue.

At this stage I have exhausted what I can think of. Does anyone else have an idea of what it could be?
#9
General Discussion / Re: DNS wildcards in Alias (Hosts)
November 16, 2022, 01:02:11 PM
Also curious about this, I have a number of hosts to insert and wildcard support would be great.
#10
Also curious about this, I have a number of hosts to insert and wildcard support would be great.
#11
22.7 Legacy Series / Cron for OpenVPN
November 16, 2022, 11:18:56 AM
Hi All,

Just having a few issues creating a custom cron to restart the openvpn service on a defined schedule. Hopefully this will resolve an issue I am having with it consistently dropping and failing to reconnect every 2-3 days. I have followed this topic https://forum.opnsense.org/index.php?topic=2263.0 to generate the below.


[stop]
command:/usr/local/sbin/pluginctl -s openvpn stop
parameters:
type:script
message:stop openvpn service
description:Stop openvpn

[start]
command:/usr/local/sbin/pluginctl -s openvpn start
parameters:
type:script
message:start openvpn service
description:Start openvpn

[restart]
command:/usr/local/sbin/pluginctl -s openvpn restart
parameters:
type:script
message:restart openvpn service
description:Restart openvpn


When I manually run /usr/local/sbin/pluginctl -s openvpn restart, the expected behavior of restarting the openvpn service occurs. However, when I use configctl openvpn restart to call the corresponding function in my conf file, it returns "OK" but fails to restart the service.

Does anyone have any ideas on why this is occurring?
#12
Hi All,

I was checking my Suricata setup and found that none of my ET Pro rules had been downloaded. I manually selected the categories and re-activated them and triggered a download but it has not appeared to work. I also confirmed that the plugin is installed and active.

I checked my OPNsense account and ordered another license key and installed it but still no luck. Is there an activation period for the license key causing the download of the categories to fail?

All other Rule Sets are downloading and working accordingly.

Thanks
#13
I have turned on and off that setting in the past with little effect, but glad to see it working. Do you happen to know why using the Hostcentral Mirror in Australia is still failing even with the same settings? Would be interesting to see if anyone else is having the same issue.
#14
Thanks Franco, looks like I have narrowed it down and hopefully working with the below.

1) Checking if /tmp/changelog/ exists failed with "does not exist"
2) Manually created using touch /tmp/changelog/
3) Turned off setting "Use IPv4 over IPv6" in general
4) Manually downloaded changelog using fetch -v https://pkg.opnsense.org/FreeBSD:12:amd64/21.7/sets/changelog.txz.sig
5) Rebooted and checked connectivity in UI - failed to Hostcentral in Australia (Mirror.as24220.net)
6) Changed mirror to NYC (Mirrors.nycbug.org)
7) Checked connectivity - now working
8) Ran update and package now say installed :)

Unsure why Hostcentral in Australia does not work with the same setting and also unsure of how changelog was deleted. Someone smarter than me would know a potential cause.
#15
I have managed to resolve the firewall logging issue, by clearing logs, clearing cache and then rebooting - unsure why it did not work initially.

During the reboot, some package changes occurred and now they are saying "orphaned" rather than "misconfigured".

Still no luck with resolving the update issue when the changelog.txz.sig is truncated