Messages

Argh, network cable slipped out. Fatal User Error....

I see a COM port appearing in the device manager when I connect Windows PC to the DEC via USB cable, but when I try zo open a session using PuTTy on that com port ( using elevated rights) nothing happens.

I have used a Opnsense-based firewall (ready-to-use box from Deciso) for 3 years now, and regularly updated the OpnSense version.
Today, I simply cannot reach the firewall anymore (which I also use as DHCP server), my PCs don't get valid IP addresses. Even if I manually force them into the correct subnet, I cannot reach the firewall.
I checked the troubleshooting section, but all articles there seem to assume you can reach the web UI.

What can I do?

Edit: It's a DEC 600 and I already tried a hard reboot.

Hi all,
I use DHCPv4 service to assign local IP addresses.
Today, I connected a new device. It was assigned a valid IP address from the pool of dynamic addresses (i.e. those not used for static IP mappings).

The connection on the switch shows "active"
I can ping it within the network.

But it does not appear in my list of DHCP leases in the web UI.

This is important as I'd like to learn it's MAC address, and assign it a permanent IP.

Where do I need to look for dynamically assigned IP addresses? I've been looking under "DHCPv4 --> Leases"

The maximum setting that fits into a 32bit signed int is more than 60 years. That should do. I also only set this to specific static leases where I encounter these problems.

Interesting. Since I upped the maximum lease time, I no longer my Wifi AP's "device has been disconnected" error once every 24 hours.
Seems like not every device knows it needs to renew the lease...

So the default lease time is one day, even for statically mapped IP addresses. I understand now why my Wifi AP complains once a day that is was disconnected  :)

The ugly solution is to enter a ridiculously high value (2^31 comes to mind, since I don't know whether the value is stored signed or unsigned). As an engineer, this solution is not very satisfying. Is there a default "disable maximum lease time" option?

OK, someone at UniFi thought "Multicast and Broadcast Filtering" would make a great default option for a Wifi AP. I must have overlooked that at initial setup.

Case closed. Thanks for the help!

I can see mDNS requests sent via Wireshark (e.g. triggered by VLC), but I cannot see any answer although there should be multiple devices responding.
Should I see answers using filter "udp port 5353"?

Since both requester and responder are on the same switch, I guess this means that the switch somehow blocks the requests or replies?

For multicast on a single LAN the OPNsense is not needed at all, that's what mDNS was designed for imho...

You are right. I obviously misunderstood how mDNS works. The devices should take care of exchanging information by themselves, using broadcast, right?
Any advice how I get started analyzing broadcast issues in my network? (I am aware that this is outside OPNsense now...or can OPNsense help me trace the issue?)

As mentioned, I don't need a proxy between interfaces. I need mDNS to work within one interface. So I didn't see how the linked post could help me...?

How do I enable multicast DNS within my local network?
I have not found anything about mDns in the unbound DNS documentation. There is documentation about a multicast dns proxy, but all my devices are in the same VLAN, so that should not be necessary.
I already use unbound DNS with DHCP leases registered.

My symptoms are that Android and Kodi devices have issues discovering other devices in my local network, where a port scanner app can clearly show the device to be accessible. A vendor pointed me to mDNS as requirement for discovery of their sound equipment.

I don't really see where OPNsense comes into play.

Which is why I posted to the "General" section.
Anyway, I gave the Wifi AP a static IP address in the OPNsense DHCP configuration, and now I can ping my wireless devices. At least for the moment...

Thank you for your input!

The firewall is the DHCP server for both. DHCP is disabled on the Wifi AP, and the IP addresses used are consistent with the DHCP settings on the firewall.
I am pinging by IP address.
I have set up the Wifi-AP from scratch, and have not configured any NAT rules.

I have since found that I can ping the phone from a different wired PC (Windows 10). But even disabling the Windows Firewall on the original PC doesn't change anything.

Further suggestions on what to try?

EDIT: Small update: Now I cannot reach my phone from PC 1 even if I am connected to the same Wifi. I thought I had a workaround there...

I was testing a network connection issue, and wanted to temporarily remove a device from static IP mapping (DHCPv4).
1) The device was connected and had the static IP address
2) I removed the static mapping on firewall
3) I did "ipconfig release" and "ipconfig renew" on device
4) Firewall DHCP leases shows new IP address in list, but device shows old IP address
5) Rebooted device - still has old IP address
6) Restart all services on Firewall using console - finally, the device gets the new IP address

Is this a known issue with the DHCPv4 service?

EDIT: It works the other way round. If I assign a static IP address and do "ipconfig release" and "ipconfig renew", I immediately get the statically assigned address.