Messages - tmueko

#1
I have the same problem but in core: I created some certificates and added them to a revocation list. Then I deleted CA and CRL. Now I have certs in use which can't be deleted:
Item in use by
cert - <CN> {crl.cert}
find / -name crl.cert returned nothing.
#2
I can confirm that with 22.7.10_2 it is working again.

I think it would be better to switch to the newer key format as suggested here: https://github.com/opnsense/plugins/commit/de660623ed

Then change md5 to sha in the next step.

@franco: If you need test keys and a setup I can help out.
#3
22.7 Legacy Series / Re: Communication between two LANs
December 28, 2022, 10:48:32 PM
Maybe your problem is
Quote: Firewall: Settings: Advanced: Disable reply-to
Try to activate it.
#5
Maybe it helps: this one is working too:

/usr/local/bin/nsupdate -y hmac-md5:KEYNAME:SECRET /var/etc/nsupdatecmds0
#6
The plugin is not working any more?!

When I try it myself I get the following error:

/usr/local/bin/nsupdate -k /var/etc/K0lod-01.dyn-ip.info.+157+00000.key /var/etc/nsupdatecmds0

09-Dec-2022 12:03:31.836 /var/etc/K0<DOMAIN>.+157+00000.key:1: unknown option <DOMAIN>.'
09-Dec-2022 12:03:31.838 /var/etc/K0<DOMAIN>.+157+00000.key:2: unexpected token near end of file
could not read key from /var/etc/K0<DOMAIN>.+157+00000.{private,key}: unexpected token
update failed: REFUSED


When I manually create a keyfile like it is stored in bind, it is working:

key "KEYNAME" {
        algorithm hmac-md5;
        secret "SECRET";
};
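
An added example, not part of the post above or of the plugin's code: a Python sketch that recognises a legacy K*.key file and rewrites it as the key statement format shown in the post, flagging hmac-md5 along the way. It assumes the legacy file holds a one-line record of the form "name. IN KEY 512 3 157 <base64>"; the function names and the sample key are constructed for illustration.

```python
import base64
import re

# Algorithm numbers used in legacy K<name>.+NNN+<id>.key files for TSIG keys.
LEGACY_ALGS = {157: "hmac-md5", 161: "hmac-sha1", 162: "hmac-sha224",
               163: "hmac-sha256", 164: "hmac-sha384", 165: "hmac-sha512"}

LEGACY_RE = re.compile(
    r"^(\S+?)\.?\s+(?:\d+\s+)?IN\s+KEY\s+\d+\s+\d+\s+(\d+)\s+(.+)$")
STMT_RE = re.compile(
    r'key\s+"?([^"\s{]+)"?\s*\{\s*algorithm\s+([\w-]+)\s*;'
    r'\s*secret\s+"([^"]+)"\s*;\s*\}\s*;')

# Constructed sample input; not a real key.
SAMPLE_SECRET = base64.b64encode(b"constructed-sample-secret").decode()
SAMPLE_LEGACY = f"ddns.example.test. IN KEY 512 3 157 {SAMPLE_SECRET}\n"


def parse_key(text):
    """Return (format, name, algorithm, secret) for either key file format."""
    m = STMT_RE.search(text)
    if m:
        return ("statement", m.group(1), m.group(2).lower(), m.group(3))
    for line in text.splitlines():
        m = LEGACY_RE.match(line.strip())
        if m:
            num = int(m.group(2))
            if num not in LEGACY_ALGS:
                raise ValueError(f"not a TSIG algorithm number: {num}")
            secret = "".join(m.group(3).split())  # long secrets may be split
            return ("legacy", m.group(1), LEGACY_ALGS[num], secret)
    raise ValueError("unrecognised key file format")


def to_statement(text):
    """Render the key as a key statement and list audit warnings."""
    fmt, name, alg, secret = parse_key(text)
    base64.b64decode(secret, validate=True)  # raises on a corrupt secret
    warnings = []
    if fmt == "legacy":
        warnings.append("legacy K*.key format")
    if alg == "hmac-md5":
        warnings.append("hmac-md5 in use; change client and server together")
    stmt = (f'key "{name}" {{\n        algorithm {alg};\n'
            f'        secret "{secret}";\n}};\n')
    return stmt, warnings
```

The converter keeps the algorithm it finds, because the DNS server has to be reconfigured with the same algorithm and secret before the client key can change. Write the resulting file readable only by the user that runs nsupdate.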
#7
I now have the problem with 21.1.6.
FreeBSD-12.x and pfSense are working fine.
I have an OpnSense-Cluster on two Dell R630 on 10GB-Links. Sometimes, both VMs froze within one hour :-(

Tried all combinations of +/- lro,  +/- tso, +/- (rxcsum, txcsum) and vlanhwtag: Nothing worked.

Any new idea on this?
#8
Hi,

maybe there is a bug in creating a CA:
there should be a
Certificate:
    Signature Algorithm:
        X509v3 extensions:
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign

or something like this.

When I create a CA in opnSense, there is no "X509v3 Key Usage".