Messages

So your ISP is PlusNet (part of the BT group as I was last aware).

You look to have a gateway running. Some DHCP errors. Maybe sort those out next.

Then it might be helpful if you try a state what problem you are trying to solve.

Who is your ISP?
Is PPPoE configured and connected?
Do you need to use a VLAN for your ISP?

Not trying to be obtuse, just my train of thought went in another direction.

Plugins

os-apcupsd
os-cpu-microcode-intel
os-nextcloud-backup
os-squid
os-tayga
os-theme-vicuna
os-wol

HP ProLiant MicroServer Gen10 Plus

I posted just after this had occurred.

On reflection I wondered if this is related to earlier reports where when a restart had been requested the GUI displayed the Dashboard followed by a delay before the restart was executed.

[The system is powering off now]

I've just tried to restart a firewall several times from the GUI. It returned to the GUI sometime later without restarting.

I then tried to power it off. The GUI remained at The system is powering off now but never powered off.

Watching the console via the iLO interface no activity was logged during this process.

I've not seen any problems with my  Android devices, which include a Nexus 7 (2013) a Galaxy S6e and current models.

These are all on IPv4 networks.

I've done a couple of firewalls.

They did both reboot, but not before showing the dashboard with 24.7.5.

I watched the second one via it's iLO console an could see a delay between the dashboard refresh and it starting to stop services for the reboot.

Try using the fullchain.pem instead of the cert.pem

I've seen this sort of behavior when using Freepbx/PBXact with Endpoint Manager to configure remote SIP devices.

If this is your scenario try resetting the SIP device to factory, configure a temporary rule on the firewall to allow insecure access to the configuration address, set the SIP device provisioning to the same address and run the provisioning.

When it restarts it should bring up the VPN and then use the secure address to talk to the PBX. After which you can remove the temporary rule.

My bad if this has changed.

The quote was from Franco.

From https://forum.opnsense.org/index.php?topic=2790.0

MAC addresses are not covered by FreeBSD's ipfw(4) and pf(4) packet filters which OPNsense uses. You can, however, use the captive portal functionality to allow access only to specific MAC addresses in the advanced configuration, see "Allowed MAC addresses".

If you search the forum you will find that several people have created migration scripts.

The Kea service has had CSV import and export capability added to it.

The DHCPv4 service does not currently have a CSV export function.

Could you be missing the end-point port number?

And presuming you have a peer PublicKey value.

Would it be worth adding a DNS field to VPN: Wireguard: Peer Generator?

It may resolve an issue where people are configuring road warriors, which can't resolve DNS, which looks to be a common question.

Edit: And possibly an IP address field.

If export/import is added to the ISC DHCPv4/v6 using the same file format as the existing Kea export/import, then migration of reservations between the two becomes trivial.