"
Wooow!
you are right ! :-)
removed orphan IP Alias and voila, it's works!
Thanks a lot!
you are right ! :-)
removed orphan IP Alias and voila, it's works!
Thanks a lot!
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
#1
24.7, 24.10 Legacy Series / Re: CARP Status Widget fail to load after upgrade to 24.7
September 09, 2024, 05:09:37 PM #2
24.7, 24.10 Legacy Series / Re: CARP Status Widget fail to load after upgrade to 24.7
September 09, 2024, 11:06:29 AM
Hi!,
sorry, now corrected.
I updated step by step from 24.1.10_8 to 24.7.3_1.
browser console:
opnsense_widget_manager.js?v=4bb3464f732685dc:518 Failed to load content for widget: carp, Error: TypeError: Cannot read properties of null (reading 'interface')
at Carp.js?t=1725872511531:70:70
at Array.forEach (<anonymous>)
at Carp.onWidgetTick (Carp.js?t=1725872511531:69:28)
at async tick (opnsense_widget_manager.js?v=4bb3464f732685dc:487:17)
at async WidgetManager._onMarkupRendered (opnsense_widget_manager.js?v=4bb3464f732685dc:495:9)
at async Promise.all (index 4)
at async WidgetManager._loadDynamicContent (opnsense_widget_manager.js?v=4bb3464f732685dc:423:9)
at async WidgetManager.initialize (opnsense_widget_manager.js?v=4bb3464f732685dc:116:13)
Thanks a lot,
sorry, now corrected.
I updated step by step from 24.1.10_8 to 24.7.3_1.
browser console:
opnsense_widget_manager.js?v=4bb3464f732685dc:518 Failed to load content for widget: carp, Error: TypeError: Cannot read properties of null (reading 'interface')
at Carp.js?t=1725872511531:70:70
at Array.forEach (<anonymous>)
at Carp.onWidgetTick (Carp.js?t=1725872511531:69:28)
at async tick (opnsense_widget_manager.js?v=4bb3464f732685dc:487:17)
at async WidgetManager._onMarkupRendered (opnsense_widget_manager.js?v=4bb3464f732685dc:495:9)
at async Promise.all (index 4)
at async WidgetManager._loadDynamicContent (opnsense_widget_manager.js?v=4bb3464f732685dc:423:9)
at async WidgetManager.initialize (opnsense_widget_manager.js?v=4bb3464f732685dc:116:13)
Thanks a lot,
#3
24.7, 24.10 Legacy Series / Re: CARP Status Widget fail to load after upgrade to 24.7
September 09, 2024, 09:38:44 AM
Hi !
I started from 24.1.10_8 to 24.7 and so on to current version ...
I started from 24.1.10_8 to 24.7 and so on to current version ...
#4
24.7, 24.10 Legacy Series / CARP Status Widget fail to load after upgrade to 24.7
September 09, 2024, 09:31:44 AM
Hi People,
after upgrade to 24.7 the CARP Status Widget fails to load.
thanks a lot
after upgrade to 24.7 the CARP Status Widget fails to load.
thanks a lot
#5
24.7, 24.10 Legacy Series / update 23.7 -> 24.1 problem with haproxy / ssl / tls
June 17, 2024, 11:32:58 AM
Hello Community,
As the title suggests, after an upgrade, the IMAP(993) reverse proxy (with haproxy) no longer works for me.
I remember reading that old ciphers were deactivated, tls1.X, etc.
Unfortunately, I can't find a proper way to temporarily get IMAP working again until I have updated the IMAP server.
Any suggestions? Keywords?
Thanks in advance,
As the title suggests, after an upgrade, the IMAP(993) reverse proxy (with haproxy) no longer works for me.
I remember reading that old ciphers were deactivated, tls1.X, etc.
Unfortunately, I can't find a proper way to temporarily get IMAP working again until I have updated the IMAP server.
Any suggestions? Keywords?
Thanks in advance,
#6
German - Deutsch / update 23.7 -> 24.1 problem mit haproxy / ssl / tls
June 16, 2024, 06:19:07 PM
Servus Community,
Wie der Titel andeutet, nach ein upgrade, funktionert bei mir das IMAP(993) reverse Proxy (mit haproxy) nicht mehr.
Ich erinnere mich gelesen zu haben das alten ciphers deaktiviert wurden, tls1.X, etc.
Ich finde leider keine richtige Einsatz um tempörär IMAP wieder zum laufen zu bringen bis ich den IMAP server auf neuen Stand gebracht habe.
Irgendein Vorschlag ? Stichworte ?
Vielen Dank im Voraus,
Wie der Titel andeutet, nach ein upgrade, funktionert bei mir das IMAP(993) reverse Proxy (mit haproxy) nicht mehr.
Ich erinnere mich gelesen zu haben das alten ciphers deaktiviert wurden, tls1.X, etc.
Ich finde leider keine richtige Einsatz um tempörär IMAP wieder zum laufen zu bringen bis ich den IMAP server auf neuen Stand gebracht habe.
Irgendein Vorschlag ? Stichworte ?
Vielen Dank im Voraus,
#7
23.7 Legacy Series / Re: VPN: OpenVPN: Instances [new] Cipher
November 13, 2023, 11:05:58 AM
I need the option too.
Have you found anything in the meantime other than adjusting the other partner?
Have you found anything in the meantime other than adjusting the other partner?
#8
German - Deutsch / Re: CheckMK Agent Standalone
September 30, 2022, 09:32:15 AM
Moin !
Klasse Arbeit!
Ich habe eine Frage.
Auszug aus die OpenVPN section
...
2 "OpenVPN Client: rw @ workstation21" connectiontime=0|connections_ssl_vpn=0|if_in_octets=0|if_out_octets=0|expiredays=9 Nicht verbunden Cert Expire: 09.10.2022
...
Wie kann ich den status "Nicht verbunden" ignorieren aber trotzdem warnen dass über "Cert Expire" ?
Siehe Screenshot ...
Vielen Dank im Voraus !
Klasse Arbeit!
Ich habe eine Frage.
Auszug aus die OpenVPN section
...
2 "OpenVPN Client: rw @ workstation21" connectiontime=0|connections_ssl_vpn=0|if_in_octets=0|if_out_octets=0|expiredays=9 Nicht verbunden Cert Expire: 09.10.2022
...
Wie kann ich den status "Nicht verbunden" ignorieren aber trotzdem warnen dass über "Cert Expire" ?
Siehe Screenshot ...
Vielen Dank im Voraus !
#9
Virtual private networks / Zertifikate widerrufen / löschen
May 20, 2022, 11:55:35 AM
Servus,
kann ich ein Zertifikat nach den widerrufen löschen ?
Unter openvpn, ein nicht widergerufen aber gelöschte Zertifikat weiter akzeptiert wird deshalb die Frage.
Vielen Dank !
kann ich ein Zertifikat nach den widerrufen löschen ?
Unter openvpn, ein nicht widergerufen aber gelöschte Zertifikat weiter akzeptiert wird deshalb die Frage.
Vielen Dank !
#10
22.1 Legacy Series / Re: Intel X520-DA2 Series Connectivity Issues / Input-error after upgrade to 22.1
April 15, 2022, 09:21:52 PMQuote from: opns_neuling on February 23, 2022, 10:07:18 AM
I upgraded to 22.1 last week and everything went off without a hitch.
A quick hardware overview.
I run Opnsense as pure Firewall (High Avail. Scenario, 2 Hosts, 2 Switch, LACP)
Hosts with 32G, Xeon E2620, Intel x520-DA2.
1 host with Fiber/ 1 Host with DAC.
lacp over both ports on X520.
more vlans on top of lagg.
Interface Statistics for lagg0
In/out packets 716441825 / 712558018 (358.71 GB / 284.60 GB)
In/out packets (pass) 716347241 / 712557150 (358.70 GB / 284.60 GB)
In/out packets (block) 4574009 / 868 (92 KB / 44 KB)
In/out errors 6801598 / 1657
Interface Statistics for ix0
In/out errors 6738215 / 0
Interface Statistics for ix1
In/out errors 63383 / 0
Same behavior with DAC or Fiber Gbic's
Same behavior for both Hosts
Any Hints ?
sysctl -A | grep -i "dev.ix.[0-1].mac_stats" | grep err
dev.ix.1.mac_stats.checksum_errs: 107297
dev.ix.1.mac_stats.rec_len_errs: 0
dev.ix.1.mac_stats.byte_errs: 0
dev.ix.1.mac_stats.ill_errs: 0
dev.ix.1.mac_stats.crc_errs: 0
dev.ix.1.mac_stats.rx_errs: 107297
dev.ix.0.mac_stats.checksum_errs: 3467726
dev.ix.0.mac_stats.rec_len_errs: 0
dev.ix.0.mac_stats.byte_errs: 0
dev.ix.0.mac_stats.ill_errs: 0
dev.ix.0.mac_stats.crc_errs: 0
dev.ix.0.mac_stats.rx_errs: 3467726
#11
Tutorials and FAQs / Re: Tutorial 2021/12: HAProxy + Let's Encrypt Wildcard Certificates + 100% A+ Rating
March 13, 2022, 09:42:06 PMQuote from: Morta on February 12, 2022, 09:13:03 PM
I got this errorQuote[WARNING] (20353) : Proxy '1_HTTP_frontend': L6 sample fetches ignored on HTTP proxies (declared at /usr/local/etc/haproxy.conf.staging:70).
Warnings were found.
Configuration file is valid
What is wrong?
on Step:
Services --> HAProxy --> Settings --> Rules & Checks --> Conditions
Here we will only create a "NoSSL_condition", which is necessary in order to identify non-HTTP traffic.
Please replace "req.ssl_ver gt 0" with "ssl_fc" also, select "custom" and on custom field enter "ssl_fc"
https://redmine.pfsense.org/issues/9261
#12
German - Deutsch / Re: HAProxy warnung nach update auf 22.1 - L6 sample fetches ignored on HTTP proxies
March 13, 2022, 09:32:52 PM
Es scheint das Problem hier zu liegen:
#### haproxy/conditions
### Traffic is SSL (TCP request content inspection)
--> # ACL: SSLEstablished
--> acl acl_5f60ac7b7738e3.07651849 req.ssl_ver gt 0
es soll hier gegen "Custom" und dann
ssl_fc
ersetzt werden.
Erklärung im Netz:
Please replace req.ssl_ver gt 0 with ssl_fc
https://redmine.pfsense.org/issues/9261
#### haproxy/conditions
### Traffic is SSL (TCP request content inspection)
--> # ACL: SSLEstablished
--> acl acl_5f60ac7b7738e3.07651849 req.ssl_ver gt 0
es soll hier gegen "Custom" und dann
ssl_fc
ersetzt werden.
Erklärung im Netz:
Please replace req.ssl_ver gt 0 with ssl_fc
https://redmine.pfsense.org/issues/9261
#13
22.1 Legacy Series / Re: Interface errors after Upgrade
February 24, 2022, 12:14:34 PM
Hi !
2 cases with same Problem after update to 22.1
sysctl -A | grep -i "dev.ix.[0-1].mac_stats" | grep err
dev.ix.1.mac_stats.checksum_errs: 103470
dev.ix.1.mac_stats.rec_len_errs: 0
dev.ix.1.mac_stats.byte_errs: 0
dev.ix.1.mac_stats.ill_errs: 0
dev.ix.1.mac_stats.crc_errs: 0
dev.ix.1.mac_stats.rx_errs: 103470
dev.ix.0.mac_stats.checksum_errs: 1257491
dev.ix.0.mac_stats.rec_len_errs: 0
dev.ix.0.mac_stats.byte_errs: 0
dev.ix.0.mac_stats.ill_errs: 0
dev.ix.0.mac_stats.crc_errs: 0
dev.ix.0.mac_stats.rx_errs: 7283759
dev.ix.1.%desc: Intel(R) X520 82599ES (SFI/SFP+)
dev.ix.0.%desc: Intel(R) X520 82599ES (SFI/SFP+)
X520-DA2 % X520-SR2
same problem with 10Gbe DAC cabling or original 10Gbe Gbic adapters,
HPE Switch's with LACP. Tested without LACP too, no changes ...
Cheers,
2 cases with same Problem after update to 22.1
sysctl -A | grep -i "dev.ix.[0-1].mac_stats" | grep err
dev.ix.1.mac_stats.checksum_errs: 103470
dev.ix.1.mac_stats.rec_len_errs: 0
dev.ix.1.mac_stats.byte_errs: 0
dev.ix.1.mac_stats.ill_errs: 0
dev.ix.1.mac_stats.crc_errs: 0
dev.ix.1.mac_stats.rx_errs: 103470
dev.ix.0.mac_stats.checksum_errs: 1257491
dev.ix.0.mac_stats.rec_len_errs: 0
dev.ix.0.mac_stats.byte_errs: 0
dev.ix.0.mac_stats.ill_errs: 0
dev.ix.0.mac_stats.crc_errs: 0
dev.ix.0.mac_stats.rx_errs: 7283759
dev.ix.1.%desc: Intel(R) X520 82599ES (SFI/SFP+)
dev.ix.0.%desc: Intel(R) X520 82599ES (SFI/SFP+)
X520-DA2 % X520-SR2
same problem with 10Gbe DAC cabling or original 10Gbe Gbic adapters,
HPE Switch's with LACP. Tested without LACP too, no changes ...
Cheers,
#14
22.1 Legacy Series / Intel X520-DA2 Series Connectivity Issues / Input-error after upgrade to 22.1
February 23, 2022, 10:07:18 AM
I upgraded to 22.1 last week and everything went off without a hitch.
A quick hardware overview.
I run Opnsense as pure Firewall (High Avail. Scenario, 2 Hosts, 2 Switch, LACP)
Hosts with 32G, Xeon E2620, Intel x520-DA2.
1 host with Fiber/ 1 Host with DAC.
lacp over both ports on X520.
more vlans on top of lagg.
Interface Statistics for lagg0
In/out packets 716441825 / 712558018 (358.71 GB / 284.60 GB)
In/out packets (pass) 716347241 / 712557150 (358.70 GB / 284.60 GB)
In/out packets (block) 4574009 / 868 (92 KB / 44 KB)
In/out errors 6801598 / 1657
Interface Statistics for ix0
In/out errors 6738215 / 0
Interface Statistics for ix1
In/out errors 63383 / 0
Same behavior with DAC or Fiber Gbic's
Same behavior for both Hosts
Any Hints ?
A quick hardware overview.
I run Opnsense as pure Firewall (High Avail. Scenario, 2 Hosts, 2 Switch, LACP)
Hosts with 32G, Xeon E2620, Intel x520-DA2.
1 host with Fiber/ 1 Host with DAC.
lacp over both ports on X520.
more vlans on top of lagg.
Interface Statistics for lagg0
In/out packets 716441825 / 712558018 (358.71 GB / 284.60 GB)
In/out packets (pass) 716347241 / 712557150 (358.70 GB / 284.60 GB)
In/out packets (block) 4574009 / 868 (92 KB / 44 KB)
In/out errors 6801598 / 1657
Interface Statistics for ix0
In/out errors 6738215 / 0
Interface Statistics for ix1
In/out errors 63383 / 0
Same behavior with DAC or Fiber Gbic's
Same behavior for both Hosts
Any Hints ?
#15
Tutorials and FAQs / Re: Tutorial 2021/12: HAProxy + Let's Encrypt Wildcard Certificates + 100% A+ Rating
February 19, 2022, 01:17:00 PMQuote from: Morta on February 12, 2022, 09:13:03 PM
I got this errorQuote[WARNING] (20353) : Proxy '1_HTTP_frontend': L6 sample fetches ignored on HTTP proxies (declared at /usr/local/etc/haproxy.conf.staging:70).
Warnings were found.
Configuration file is valid
What is wrong?
https://forum.opnsense.org/index.php?topic=27065.msg131206#msg131206
