OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of bradforr »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - bradforr

Pages: [1]
1
Virtual private networks / Re: Questions to Migrate OpenVPN Servers legacy to Instances New
« on: July 28, 2024, 07:46:57 pm »
I'm having a major issue using the new "Interfaces" system... It seems that there is a shiny one pager that is supposed to do everything but what is now lacking is the wonderful little Wizard that guided you through creating all the SSL certs and things.

I also cannot seem to get it to work... I then discovered a whole lot of firewall entries that were there under previous versions (assuming created by the wizard) that just don't appear to be there under a fresh install of the new OPNSense...

Serious downgrade.

At least I can use Wireguard because otherwise I'd be in a tough spot... I cannot get this to work in any stable way because documentation and ease of setup have just gone down the toilet.

2
22.1 Legacy Series / Monit Reboot Wireguard Service
« on: September 13, 2022, 02:12:39 pm »
I'm trying to set up a reboot of the Wireguard service using Monit

So far, I've managed to start Monit and create a Service Test Setting for pinging from the Wireguard local address.

Now I'm setting up the Service Settings tab and I'm a bit stuck.

Type: Remote Host
Address: <Remote site Wireguard interface IP>
Start: ???
Stop: ???
Tests <ping test set up previously>

So what entries do I put into the Start and Stop section?
Would it be something like "/usr/local/etc/rc.d/wireguard start" and "/usr/local/etc/rc.d/wireguard stop"?? I saw somewhere in the dashboard that it mentions "wireguard-go"? Do I need a different name?

3
21.7 Legacy Series / Re: pkg: pkg is not installed, therefore upgrade is impossible
« on: March 18, 2022, 02:37:09 pm »
I ran it anyway and the system updated.

Now busy with the upgrade to 22.1 without issue.

Thanks for the help.

4
21.7 Legacy Series / Re: pkg: pkg is not installed, therefore upgrade is impossible
« on: March 18, 2022, 02:32:16 pm »
I did some hunting, and typed "man opnsense-bootstrap" and found an option listed.

opnsense-bootstrap -i

This doesn't stop on insecure certificates. Would that work?

5
21.7 Legacy Series / Re: pkg: pkg is not installed, therefore upgrade is impossible
« on: March 18, 2022, 02:12:47 pm »
Code: [Select]
root@SAICE-OPNS:~ # opnsense-bootstrap -V
+ uname -s
+ FBSDNAME=FreeBSD
+ [ FreeBSD '!=' FreeBSD ]
+ uname -p
+ FBSDARCH=amd64
+ [ amd64 '!=' amd64 ]
+ uname -r
+ colrm 4
+ FBSDVER=12.
+ [ 12. '!=' 12. ]
+ echo 'This utility will attempt to turn this installation into the latest'
This utility will attempt to turn this installation into the latest
+ echo 'OPNsense 21.7 release.  All packages will be deleted, the base'
OPNsense 21.7 release.  All packages will be deleted, the base
+ echo 'system and kernel will be replaced, and if all went well the system'
system and kernel will be replaced, and if all went well the system
+ echo 'will automatically reboot.'
will automatically reboot.
+ [ -z '' ]
+ echo

+ echo -n 'Proceed with this action? [y/N]: '
Proceed with this action? [y/N]: + read YN
Y
+ [ -n '' ]
+ [ -n '' ]
+ echo

+ [ -n '' ]
+ rm -rf /usr/local/etc/pkg
+ rm -rf '/tmp/opnsense-bootstrap/*'
+ mkdir -p /tmp/opnsense-bootstrap
+ export 'ASSUME_ALWAYS_YES=yes'
+ [ -n '' ]
+ pkg bootstrap -f
Bootstrapping pkg from pkg+http://pkg.FreeBSD.org/FreeBSD:12:amd64/latest, please wait...
pkg: Error loading trusted certificates
root@SAICE-OPNS:~ #

This is the output

6
21.7 Legacy Series / Re: pkg: pkg is not installed, therefore upgrade is impossible
« on: March 18, 2022, 02:01:26 pm »
21.7

7
21.7 Legacy Series / Re: pkg: pkg is not installed, therefore upgrade is impossible
« on: March 18, 2022, 01:52:23 pm »
I connect to the console, load the shell, type "opnsense-bootstrap" and it asks to confirm, I say Y... And then it starts but then just throws out that line and stops.

8
21.7 Legacy Series / Re: pkg: pkg is not installed, therefore upgrade is impossible
« on: March 18, 2022, 01:44:21 pm »
I get

pkg: Error loading trusted certificates

9
21.7 Legacy Series / Re: pkg: pkg is not installed, therefore upgrade is impossible
« on: March 18, 2022, 01:42:05 pm »
Sorry, I'm a bit new to this... What?

10
21.7 Legacy Series / pkg: pkg is not installed, therefore upgrade is impossible
« on: March 18, 2022, 01:40:01 pm »
I'm getting the following screen when I try process an upgrade.

***GOT REQUEST TO CHECK FOR UPDATES***
Currently running OPNsense 21.7.1 (amd64/OpenSSL) at Fri Mar 18 12:38:08 UTC 2022
Fetching changelog information, please wait... done
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.txz: .......... done
Processing entries: .......... done
OPNsense repository update completed. 777 packages processed.
All repositories are up to date.
pkg: pkg is not installed, therefore upgrade is impossible
Checking integrity... done (0 conflicting)
Your packages are up to date.
Checking for upgrades (0 candidates): . done
Processing candidates (0 candidates): . done
Checking integrity... done (0 conflicting)
Your packages are up to date.
***DONE***

So I'm not able to add certain modules (Like Wireguard) because I have the incorrect version. What can I do to fix it?

11
21.7 Legacy Series / 21.7.1 on Hyper-V Gen 2
« on: September 15, 2021, 02:19:24 pm »
Hi

I'm having an issue installing 21.7.1 on a Server 2019 Hyper-V Gen 2 VM with SecureBoot switched off from the DVD ISO.

It launches the installer, goes through most of the process but at the Final Configuration stage, I cannot interact with the VM. I have tried Ctrl + C but it doesn't do anything.

Advice?

12
Virtual private networks / Re: VPN "IPv4 Remote Network" not working
« on: September 01, 2021, 01:17:01 pm »
While hunting around online and trying a few things I found that if I enable "Topology" on the server config, add a Client Specific Override with the Common Name being set to to the user and add a line "ifconfig-push" into the Advanced with the IP and subnet... It then gives out the IP address.

I have two issues with this approach even though it works
1. I have no idea what it does or the implications of the setup
2. I see a notice that the Advanced option will be removed in the future

So what is the alternative or "correct" way to implement this?

13
Virtual private networks / VPN "IPv4 Remote Network" not working
« on: September 01, 2021, 12:15:40 pm »
I'm new to OpnSense and OpenVPN and having a small issue.

I have managed to get VPNs working for client machines.

What I cannot get is access to the client's local network when they are connected on VPN... I set "IPv4 Remote Network" but it doesn't seem to allow the servers access to the local network where the clients are connecting from.

Alternatively, how do I make sure a client gets the same tunnel IP whenever they connect?

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2