Messages

Regarding multiwan and ipv6 you have to disable shared forwarding in Firewall Settings Advanced

Michael, you made my day. It finally works. For months I have been looking for this solution to my obscure IPv6 multiwan routing problem. I would never have guessed that "shared forwarding" option on the basis of the help texts. Thank you so much for sharing.

--
Johannes Franken

> uncomment the leap line in /usr/local/etc/raddb/mods-enabled/eap

I was about to propose the same workaround.
Worked for me, too.

--
Johannes Franken

On our OPNsense 21.1.4/DEC3850 we were experiencing several hanging ipsec ikev2 associations per day until I disabled aesni.

Four weeks ago, I changed the phase 1 and 2 algorithms from CBC (aes256-sha256-modp2048!) to GCM (aes256gcm16-sha256-modp2048!) and re-enabled aesni. Since then, not a single hitch, same with 21.1.5.

Check

grep -e " ike =" -e " esp =" /usr/local/etc/ipsec.conf

to test if you got them all.

Regards
Johannes Franken