Messages

I was thinking that might be an issue. I couldn't get anything from it. I might be able to set up a logger of some kind. It would spew text to the screen, then reboot itself over and over. Made more difficult by my needing to use IPMI remote control.

Interesting "other" issue, the IPMI virtual media works fine for most things, but OpnSense and PfSense both dump a bunch of read errors. I had to burn a physical DVD-R to get it to boot. OpnSense still crashes in a similar way. PfSense was able to install and run from the disc. This feels more like a BSD thing, so it might just get fixed later. For the nano OpnSense image, I used a USB stick which had the same crash.

I had hope that people would have seen something similar. As it does it on bare metal when booting from a burned DVD, I don't see how it could be a configuration issue.

I needed to get something going as downloading images over mobile was getting old. Pf runs, but ipv6 is flaky and just stops working here and there. Wierd. Diabled for now, I'd rather have reliable v4 then broken v6.

I updated yesterday. The latest from the previous major version installed first, and the reboot was fine. Jumping to 24.7.3 causes what looks like a kernel panic on Linux. It happens shortly after the main kernel boot messages. I think the kernel is ok, I can boot to a command prompt when selecting single user at boot.

I thought perhaps it was just time to reinstall with the updated ZFS snapshot stuff. The ISO and Nano image both have the same crash.

I'm not as familiar with the low level troubleshooting on BSD as I am on Linux. If there are logs or other diagnostics I can provide to help, please let me know.

Hardware is a Supermicro 1U server.

X8-DTL board, E series quad core Xeon. Not sure which model, but I can get that. 24Gb RAM. 2 Intel SSDs. Mellanox ConnectX-3 NIC. Nothing real fancy.

Just to make sure the hardware is working, I booted an Ubuntu Server install ISO I had available. Seems to be running fine. So that's something anyway.

I got it working this morning. The change was to uncheck "Don't Pull Routes". The guides said it should be checked, but it worked. I still have "Don't add/remove routes" checked.

I'm sure I'm just missing something. I had this working on pfsense and would like to get it working on OPNSense.

I have an OpenVPN client running and the status and log show it working.

There is an interface set up for it, again, looks good.

I set a firewall rule up to send traffic for one address, with and without an alias, to that gateway.

And switched to hybrid NAT and added a rule for the VPN interface.


From /tmp/rules.debug, just the lines that seem to apply..

nat log on ovpnc1 inet from (em1:network) to any -> (ovpnc1:0) port 1024:65535
pass in log quick on em1 route-to ( ovpnc1 172.21.21.43 ) inet from $VPN_Required to {any} keep state tag NO_WAN_EGRESS label "e02f49801ddff506bae8ba433a95f9eb"

In the log I see traffic hit the firewall rule with pass, and the packet seems to get tagged. I don't think the NAT rule is working though. I get responses from the OPNSense rather than the server I expect. For example, "ping 8.8.8.8" gets replies from "10.0.0.1", the firewall IP.