Messages

1

Zenarmor (Sensei) / Re: Zenarmor causing error "GnuTLS: The TLS connection was non-properly terminated"

« on: May 02, 2024, 10:21:23 am »

Do you have the paid version?

Nope - free version. I downloaded and installed the Zenarmor CA certificate and installed it on my Windows box, and then could download the file at the https address with the error.

Tried the same in my arch install and also importing the cert into TrueNAS, but still no luck on those machines.

2

Zenarmor (Sensei) / Re: Zenarmor causing error "GnuTLS: The TLS connection was non-properly terminated"

« on: May 01, 2024, 12:35:55 pm »

It always helps

V. helpful - thanks for the insights!

3

Zenarmor (Sensei) / Zenarmor causing error "GnuTLS: The TLS connection was non-properly terminated"

« on: May 01, 2024, 09:10:59 am »

Trying to install docker in a container today, I cam across this error when attempting a wget command.

Code: [Select]

Connecting to syd1lxdmirror01.do.letsbuildthe.cloud (syd1lxdmirror01.do.letsbuildthe.cloud)|170.64.160.91|:443... connected.
GnuTLS: The TLS connection was non-properly terminated.
Unable to establish SSL connection.

Same issue on a couple of machines, and trying to wget different files.

Being behind my OPNsense router, the first step I tried solved the issue - disabling Zenarmor's active protection on my LAN (netmap).

Thoughts?

4

24.1 Legacy Series / Upgrade to 24.1.2 hung on "All buffers synced"

« on: February 22, 2024, 01:06:32 am »

Routine upgrade from GUI today took a while, so I checked what was going on, and the shutdown had hung at "All buffers synced". Left it for several minutes, and eventually pulled the power plug.

On reboot, upgrade proceeded and all is well.

5

24.1 Legacy Series / Re: haproxy - GUI settings mostly blank!

« on: February 03, 2024, 04:19:59 am »

Might want to open a Github issue for this in opnsense/plugins. None of the patches I've seen this week dealt with similar issues.

Before GH though, are you using a particular theme ? Can you try the stock OPNsense one if so ?

Thanks - will look into that.

And no - am just using the default / standard theme.

I'm an idiot...I forgot there are drop-down menus! 

6

24.1 Legacy Series / haproxy - GUI settings mostly blank! [SOLVED]

« on: February 03, 2024, 01:13:35 am »

Just updated to 24.1 this morning, and in haproxy, under Settings, "Rules&Checks", "User Management", "Settings" and "Advanced" are all blank!

Despite this, my virtual servers are still working, so seems to be an error with GUI. Have tried a page refresh / private window / disabled ad blocker, but no dice.

EDIT: as below, I'm an idiot...I forgot there are drop-down menus! 

7

High availability / haproxy not starting on opnsense restart

« on: February 03, 2024, 01:05:59 am »

On OPNsense 23-series and now 24 I have a problem where haproxy often won't come up when the system reboots.

Since I use haproxy to access a number of services via virtual servers (home assistant etc) it's a bit of a problem having to go into the dashboard and manually restart haproxy.

So - a couple of questions / requests for help:

1) Is there a reason for this behaviour?
2) Is there a way (cronjob, systemd service call) to automate ensuring haproxy is up, and if not, start / restart it?

In regards #2, under HAProxy > Maintenance, there is a 'Cron Jobs' tab, which can be used to reload or restart HAProxy. I'm wondering if one of the configurable parameters could be used to "restart HAProxy IF not running"?

Thanks!

EDIT: and I've just discovered on 24.1 under settings, Rules&Checks, User Management, Settings and Advanced are all blank! Despite this, my virtual servers are still working, so seems to be an error with GUI. Will open a separate thread.... - I'm an idiot...I forgot there are drop-down menus! 

8

23.7 Legacy Series / haproxy not automatically starting on reboot.

« on: September 16, 2023, 12:49:40 am »

A bit of an intermittent one - but on some occasions i.e. after yesterday's updates, haproxy isn't restarting on reboot.

Had anyone else experienced this?

9

Zenarmor (Sensei) / Re: Zenarmor 1.14: 'Network error' after upgrading & fresh install stuck on wizard

« on: August 07, 2023, 09:52:49 pm »

Fixed, thanks.

10

Zenarmor (Sensei) / Re: Zenarmor 1.14: 'Network error' after upgrading & fresh install stuck on wizard

« on: August 07, 2023, 11:29:45 am »

Good work tracking this one down, everyone!

Dare I say, it looks like it *should* be a straightforward fix for Zenarmor.

Surprised this wasn't picked up in beta though - it's not as though running a firewall behind a certificate and FQDN is a bleeding-edge use case.

Unfortunately, I'll have to wait for the actual fix, since using the internal management IP address isn't working for me.

11

Zenarmor (Sensei) / Re: Zenarmor: 'Network error' after upgrading & fresh install stuck on wizard

« on: August 07, 2023, 09:39:17 am »

After updating zenarmor or try to reinstall it, the network connection come from the issue that zenarmor web ui try to fetch the js/css/img/html component from my WAN ip address and not the 192.168.1.1/opnsense.localdomain url ... + issue with CORS policy because of the mismatch of the 2 domains/ips

I think there is something wrong with the setup and the WAN address must nor be used to serve the web ui of zenarmor

FWIW, I access my OPNsense on a FQDN.

EDIT: I just tried to access via the router IP address (https://192.x.x.x:port) - still the same error / lack of progress / 'Network error'.

12

Zenarmor (Sensei) / [SOLVED] Zenarmor 1.14: 'Network error' after upgrading

« on: August 07, 2023, 12:58:00 am »

Upgraded to 1.14 from 1.13 today via the GUI and get "network error" in the Zenarmor pages.

So - uninstalled using the OPNsense plugins page, and reinstalled as per web instructions ( https://www.zenarmor.com/free-edition-plan).

Now, I'm stuck on the wizard - I get a spinning wheel under 'Database Settings', then nothing happens, and I can't select 'Next' to get to 'Interface Settings'. I suspect this is a netmap driver issue, or similar - although 1.13.4 was running fine.

There are no errors under 'Notifications', and the Info says "Engine Started".

13

Zenarmor (Sensei) / Re: [SOLVED] Just migrated from 23.1 to 23.7 and on new hardware - repo error

« on: July 31, 2023, 12:17:10 pm »

With 23.7 coming online in the next day or so, do I have to manually revert the repo to 23.7, or will the rest of the upgrade to 23.7 from rc3 take care of it?

EDIT: just got the upgrade done. And yes, I did have to manually change the name of the repo back to 23.7. All is working as expected now.

14

23.7 Legacy Series / Re: Alder Lake & FreeBSD 13.1 Issues Solved?

« on: July 25, 2023, 01:30:07 am »

From what I recall they were originally targeting July 31st to move to production with 23.7 so fingers crossed.

That still looks on track, according to the RC2 update released today. And FreeBSD13.2 is confirmed to have resolved the Nxxx issue.

15

23.7 Legacy Series / Re: Alder Lake & FreeBSD 13.1 Issues Solved?

« on: July 24, 2023, 11:58:22 pm »

I haven't tested the bug conditions formally, since my newly installed 23.7 RC1 router is in production, but I've not experienced any issues on the past few days of it running. Fingers crossed.

https://forum.opnsense.org/index.php?topic=34830.0