Messages

I agreed that the fix make it works now.
Thanks !

I can confirm that the issue continues when all nodes are up to date.

But I'm not willing to downgrade my productive nodes honestly ... They are "heavily" used for business purpose so this is something I would like to avoid.

Are all nodes up to date?

Yes. Not at the first point, but now it is and it's still the same.
Note: I noticed that the "Network Time" wasn't sync at one point which is now the case. I obviously didn't change anything in regards of time so I'm wondering if this could have any link.
Note: Sorry I (d|w)on't have a reddit account

We rely on OPNCentral to keep our both mains firewall (recently updated to 25.10.1) and it seems that OPNCentral isn't able to sync few services (like Firewall Rules, NAT, etc).
We're using wireguard connection between the two firewall which are UP but I do not find any related logs so I'm wondering is anyone else faced the same issue ?

Hi Patrick,

Some constructors provide a more details stencils ( where you can pin-point to the exact port), example here on a neatgear switch :


Most of them are available on this github repo btw: https://github.com/girlpunk/VisioStencils

Dear Community,

The Deciso team confirmed me that there is no Microsoft Visio Stencil available for the OPNsense appliances.

I'm then asking the community is there is anything out there that I'm not aware of which I could use for my Visio diagram ? I guess anything with the same amount of port would do the job, (more specifically for my DEC4610 but I guess people would be happy to have the other model covered too).

Please let me (us?) know !

Hi,

I'm on 23.10.2 (business edition) and I have a strange behavior.
I was using for few weeks, a OpenVPN client on my OPNSense firewall.
Since then, I've remove all the configuration related to it (nothing left except few logs) but I still have the firewall rules for a (ghost?) "OpenVPN" interface ?!

It kinda weird as I don't have any "OpenVPN" interface anymore... Out of "safety" (more for my peace of mind) I've removed all the rules, but I still have the 15 Automatically generated rules ?!

I tried to restart the appliance, but it still there. Is there anything do to to correct this as I shouldn't see this rules/interface at all, right ?

My bad .... I paste the wrong public key to my user access  :-[

[ed25519-sk]

Hi Everyone,

I recently bought a security key (Yubikey/Nitrokey type) and create a new pair of ed25519-sk type.
I'm a bit surprised that I'm not able to use on a:

OPNsense 23.4.2-amd64
FreeBSD 13.1-RELEASE-p8
OpenSSL 1.1.1v 1 Aug 2023

When my "normal" ed25519 works perfectly.

Is there something I can do to allow such ssh key type ?

I really appreciate the answer you all gave me.

But I tried to setup a test instance, on :
Virtualbox 6.X (Windows 10)
Virtualbox 7.X (Windows 11)
ESXi (7.X)
Vagrant (on windows 11 with Vbox 7.X)

All of those, finally end-up failling.

I know my request is unusual, but still quite simple. Could any of you, if the repo & the plugin install, send me the content of the configuration file ?
Then, it could also help someone else directly who also may need it ?

Thanks in advance !

Yeah, unfortunately, I have to use Windows (11, but I tried on 10 with Virtualbox 6.X, same result)

[Edit]

I actually tried to run OPNSense 22.7 (the version I have in production) on Virtualbox 6.x & 7.x, I got a panic kernel on both case ..

I don't want to use the repo, because the author clearly stated that :

Don't use it in production environments, I only test a couple of them from time to time

Edit: I'm quite new with Vagrant but still give a try and end-up having this error about NFS :

vagrant up
Bringing machine 'default' up with 'virtualbox' provider...
It appears your machine doesn't support NFS, or there is not an
adapter to enable NFS on this machine for Vagrant. Please verify
that `nfsd` is installed on your machine, and try again. If you're
on Windows, NFS isn't supported. If the problem persists, please
contact Vagrant support.

Thanks @mimugmail, but it's the "Elsewhere" which bother me currently, any chance to get your/the default values ?

I was looking for an alternative of ARPWatch from PFSense and I found out OPN-ARP from the community repo here https://www.routerperformance.net/opnsense-repo/ from @mimugmail.

I would like to run this script on stand-alone mode without using the REPO (as I'm productive environment), but I can't seems to find the configuration file aside the script posted here : https://gist.github.com/mimugmail/6cee79cdf97d49b1d6fc130e79dc3fa9

Is there a chance that someone using the repo can send me the content of the following file: 

Code Select Expand

/usr/local/etc/opn-arp.conf

Thanks, I'll mark the topic solved