1
21.1 Legacy Series / Re: Cannot enable jumbo frames on vlan interfaces.
« on: March 31, 2021, 01:32:12 am »
Can anyone else confirm this issue?
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
2
21.1 Legacy Series / Cannot enable jumbo frames on vlan interfaces.
« on: March 28, 2021, 01:00:31 pm »
Using single NIC (em0) physical box with Intel em driver and many vlans for testing. OPNsense 21.1-amd64
Originally em0 was left unassigned. All vlan sub-interfaces were assigned.
Setting vlan/OPT interface MTU to 9000 from Interfaces > Assignments page does not seem to work.
Adding em0 as an 'assigned interface' with 9000 mtu does not help.
I am able to apply the setting in web gui without issue, but unable to ping or route over 1500 MTU.
Originally em0 was left unassigned. All vlan sub-interfaces were assigned.
Setting vlan/OPT interface MTU to 9000 from Interfaces > Assignments page does not seem to work.
Adding em0 as an 'assigned interface' with 9000 mtu does not help.
I am able to apply the setting in web gui without issue, but unable to ping or route over 1500 MTU.
3
Virtual private networks / Re: There were errors loading the rules: no IP address found for ovpns2
« on: March 24, 2021, 11:09:45 am »
Hi Franco,
This patch resolves the issue for me.
I have rebooted and restarted service many times, no more error.
Thank you!
This patch resolves the issue for me.
I have rebooted and restarted service many times, no more error.
Thank you!
4
Virtual private networks / Re: There were errors loading the rules: no IP address found for ovpns2
« on: March 22, 2021, 10:57:14 pm »
Hi Franco,
Thank you for the quick reply.
Currently fresh install of OPNsense 21.1-amd64. Same happens on 21.1.3.
To troubleshoot, I have basically a stock install.
NAT - Only default anti-lockout port forward rule. Outbound NAT still set to Auto.
I have not created any rules under the ovpns2 interface I added or the automatically created OpenVPN interface.
Here are logs from a fresh bootup (hopefully this is what you were wanting):
# tail -n 500 -f /tmp/rules.debug | grep ovpns2
scrub on ovpns2 all
antispoof log for ovpns2
# block in log quick on ovpns2 inet from {<bogons>} to {any} label "bfa392e3f9e0968767c9ad6727c500d4" # Block bogon IPv4 networks from site2site
# block in log quick on ovpns2 inet6 from {<bogonsv6>} to {any} label "f368f87bceb1dfc8db199225e1943e3a" # Block bogon IPv6 networks from site2site
# block in log quick on ovpns2 inet from {10.0.0.0/8,127.0.0.0/8,100.64.0.0/10,172.16.0.0/12,192.168.0.0/16} to {any} label "1d18405cac180c405306d70abe97a3b5" # Block private networks from site2site
# block in log quick on ovpns2 inet6 from {fc00::/7} to {any} label "41a3a7eebde7e566aa1b15a191ac7199" # Block private networks from site2site
pass out log route-to ( ovpns2 192.168.97.2 ) from {ovpns2} to {!(ovpns2:network)} keep state allow-opts label "ea7bf6631c7a94600550c4313a86bd51" # let out anything from firewall host itself (force gw)
# pass in log quick on ovpns2 reply-to ( ovpns2 192.168.97.2 ) inet from {any} to {any} keep state label "9c9960f347668babb853d39526b9a9a2"
From what I can tell, everything works fine. Tunnel comes up, I am able to log in to the router on the other end right away. Just get that error after every reboot.
I just tried adding an allow all rule to the ovpns2 interface and reboot. Same error.
Thank you for the quick reply.
Currently fresh install of OPNsense 21.1-amd64. Same happens on 21.1.3.
To troubleshoot, I have basically a stock install.
NAT - Only default anti-lockout port forward rule. Outbound NAT still set to Auto.
I have not created any rules under the ovpns2 interface I added or the automatically created OpenVPN interface.
Here are logs from a fresh bootup (hopefully this is what you were wanting):
# tail -n 500 -f /tmp/rules.debug | grep ovpns2
scrub on ovpns2 all
antispoof log for ovpns2
# block in log quick on ovpns2 inet from {<bogons>} to {any} label "bfa392e3f9e0968767c9ad6727c500d4" # Block bogon IPv4 networks from site2site
# block in log quick on ovpns2 inet6 from {<bogonsv6>} to {any} label "f368f87bceb1dfc8db199225e1943e3a" # Block bogon IPv6 networks from site2site
# block in log quick on ovpns2 inet from {10.0.0.0/8,127.0.0.0/8,100.64.0.0/10,172.16.0.0/12,192.168.0.0/16} to {any} label "1d18405cac180c405306d70abe97a3b5" # Block private networks from site2site
# block in log quick on ovpns2 inet6 from {fc00::/7} to {any} label "41a3a7eebde7e566aa1b15a191ac7199" # Block private networks from site2site
pass out log route-to ( ovpns2 192.168.97.2 ) from {ovpns2} to {!(ovpns2:network)} keep state allow-opts label "ea7bf6631c7a94600550c4313a86bd51" # let out anything from firewall host itself (force gw)
# pass in log quick on ovpns2 reply-to ( ovpns2 192.168.97.2 ) inet from {any} to {any} keep state label "9c9960f347668babb853d39526b9a9a2"
From what I can tell, everything works fine. Tunnel comes up, I am able to log in to the router on the other end right away. Just get that error after every reboot.
I just tried adding an allow all rule to the ovpns2 interface and reboot. Same error.
5
Virtual private networks / There were errors loading the rules: no IP address found for ovpns2
« on: March 22, 2021, 07:02:23 am »
Just moved to opnsense.
Have multiple OpenVPN servers.
This one is a site2site with Opnsense as the server. Others are road warrior.
I have assigned ovpns2 as an interface under Interfaces > Assignments so that I can manage each VPN's fw rules and traffic graphs individually.
After any reboot or restarting ovpns2, I get notification/error message up top:
"There were errors loading the rules: no IP address found for ovpns2"
Is this an issue with the way I am using Opnsense? I believe I should not be seeing this error.
Please correct me if I am wrong!
Have multiple OpenVPN servers.
This one is a site2site with Opnsense as the server. Others are road warrior.
I have assigned ovpns2 as an interface under Interfaces > Assignments so that I can manage each VPN's fw rules and traffic graphs individually.
After any reboot or restarting ovpns2, I get notification/error message up top:
"There were errors loading the rules: no IP address found for ovpns2"
Is this an issue with the way I am using Opnsense? I believe I should not be seeing this error.
Please correct me if I am wrong!
Pages: [1]