Messages - dm

#1
I changed the IP address of the management interface and everything works like before. I don't know what the problem was. Before, I also tested different browsers and cleaned the browser cache, which had no effect.
#2
Hello,

We had OPNsense 20.1 running without problems for over a year, and now I made a fresh install of 21.7 on the same hardware (second device with the same components) and imported the configuration from 20.1. When I connect to the web interface it takes about a minute to accept my credentials. I determined that it takes about a minute to open the Dashboard, even when I switch back to it from other areas. It also takes about 20 sec. to open any of the areas under Firewall -> Rules, and over one minute to open Status Overview for IPsec. The rest is as fast as before. On 20.1 everything worked without problems. Are there known issues for this migration path, or does anyone have an idea what the problem could be?

Thanks.
#3
With the OpenVPN GUI client from the community downloads it is now working. Thank you very much.
#4
I use OpenVPN Connect, but I will try the OpenVPN community edition.
#5
Hello,

I am trying to make a VPN connection with username, password and client certificate, but when I try to connect I get this message:

Connection Failed
Error Message: ssl_context_error:
OpenSSL Context: CA not defined

This is how the VPN is configured:

On the OPNsense (v 20.1) I have an OpenVPN server. Server mode is SSL/TLS + User Auth. The interface is the WAN interface. TLS authentication is active. The right CA is activated. As server certificate, the certificate for the VPN is activated. Certificate depth is One (Client + Server). I added a new user, gave him a password and created a user certificate. When I created the user certificate, I created an internal certificate with the CA of the VPN and the type client certificate. I exported the archive and imported it in the client. I added the user certificate in the client and in the profile. When I try to connect I get the error. Any ideas what the problem might be? Thanks.

Darius
#6
I tried the new release and it worked perfectly. Thanks again for your help.
#7
OK, thank you. We will wait for 20.7 and test it again.
#8
Thanks for your reply.

Without promisc mode there is no bonding, but I have a link. Here are two outputs of my switch. The first without and the second with promisc mode enabled.

<switch>display link-aggregation verbose
Loadsharing Type: Shar -- Loadsharing, NonS -- Non-Loadsharing
Port Status: S -- Selected, U -- Unselected, 
             I -- Individual, * -- Management port
Flags:  A -- LACP_Activity, B -- LACP_Timeout, C -- Aggregation,
        D -- Synchronization, E -- Collecting, F -- Distributing,
        G -- Defaulted, H -- Expired

Aggregate Interface: Bridge-Aggregation1
Aggregation Mode: Dynamic
Loadsharing Type: Shar
Management VLAN : None
System ID: 0x8000, 4cae-a365-4cdd
Local:
  Port             Status  Priority Oper-Key  Flag
--------------------------------------------------------------------------------
  XGE1/0/51        U       32768    1         {ACD}
  XGE1/0/52        U       32768    1         {ACD}
Remote:
  Actor            Partner Priority Oper-Key  SystemID               Flag   
--------------------------------------------------------------------------------
  XGE1/0/51        1       32768    434       0x8000, 2c76-8a5c-7350 {ACG}
  XGE1/0/52        2       32768    434       0x8000, 2c76-8a5c-7350 {ACG}



<switch>display link-aggregation verbose
Loadsharing Type: Shar -- Loadsharing, NonS -- Non-Loadsharing
Port Status: S -- Selected, U -- Unselected, 
             I -- Individual, * -- Management port
Flags:  A -- LACP_Activity, B -- LACP_Timeout, C -- Aggregation,
        D -- Synchronization, E -- Collecting, F -- Distributing,
        G -- Defaulted, H -- Expired

Aggregate Interface: Bridge-Aggregation1
Aggregation Mode: Dynamic
Loadsharing Type: Shar
Management VLAN : None
System ID: 0x8000, 4cae-a365-4cdd
Local:
  Port             Status  Priority Oper-Key  Flag
--------------------------------------------------------------------------------
  XGE1/0/51        S       32768    1         {ACDEF}
  XGE1/0/52        S       32768    1         {ACDEF}
Remote:
  Actor            Partner Priority Oper-Key  SystemID               Flag   
--------------------------------------------------------------------------------
  XGE1/0/51        1       32768    434       0x8000, 2c76-8a5c-7350 {ACDEF}
  XGE1/0/52        2       32768    434       0x8000, 2c76-8a5c-7350 {ACDEF}


After disabling promisc mode I get these messages on the OPNsense:

bxe0: Interface stopped DISTRIBUTING, possible flapping
bxe1: Interface stopped DISTRIBUTING, possible flapping
#9
Hi,

I have an HP ProLiant DL 380 Gen9 with 4x Broadcom NetXtreme BCM5719 Gigabit Ethernet (integrated NICs) and 4x Broadcom NetXtreme II BCM57810 10 Gigabit Ethernet (2x dual-port PCIe cards installed). My switch is an HPE FlexNetwork 5130 (JG941A).

I can't get LACP working with the 10 Gbit cards without enabling promiscuous mode in FreeBSD via ifconfig lagg0 promisc. With the 1 Gbit cards it's no problem. There I do not have to enable promiscuous mode.

I tried two ports of the same 10 Gbit card in one LAGG and one port of each card. In both cases it doesn't work. If only one Ethernet cable is connected it doesn't work either.

Does anyone have an idea how to fix this? I am also glad to hear about tips to troubleshoot this issue.

Thanks Darius