"
Maybe you are specifying a "Server Address"? And not a "Local Address"?
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
#2
25.7 Series / Re: SOLVED - 25.7.2 shadowsocks broken
August 26, 2025, 08:21:27 PMQuote from: akolman on August 26, 2025, 08:14:07 PMNo need to install the patch, just check for updates.Quote from: franco on August 26, 2025, 01:03:10 PMHotfix is now live.
I take it that means I'm OK to run opnsense-patch? Will be happy to test if so. Would the command just be:
# opnsense-patch -c plugins 0354e18?
#3
25.7 Series / Re: SOLVED - 25.7.2 shadowsocks broken
August 26, 2025, 08:17:26 PMQuote from: franco on August 26, 2025, 01:03:10 PMHotfix is now live.bish bash bosh :)
Thank you all so much. You'r the best!!!
#4
25.7 Series / Re: 25.7.2 shadowsocks broken
August 24, 2025, 09:11:37 PM
If someone needs it and doesn't want to mess around, here's a quick-dirty solution.
Delete the files:
And copy the files from the attachment. A reboot may be necessary.
Delete the files:
Code Select
/etc/rc.conf.d/shadowsocks_libev
/etc/rc.conf.d/ss_local
/usr/local/etc/rc.d/opnsense-ss-local
/usr/local/opnsense/service/templates/OPNsense/Shadowsocks/shadowsocks_libev
/usr/local/opnsense/service/templates/OPNsense/Shadowsocks/ss_local
/usr/local/opnsense/service/templates/OPNsense/Shadowsocks/ss_local.confAnd copy the files from the attachment. A reboot may be necessary.
#5
25.7 Series / SOLVED - 25.7.2 shadowsocks broken
August 22, 2025, 06:52:10 AM
Hi! I can't start shadowbox.
There is an error when installing the plugin
If you know, please tell me what I should pay attention to?
There is an error when installing the plugin
Code Select
Starting configd.
*** OPNsense\Shadowsocks\General migration failed from 0.0.0 to 1.0.1, check log for details
*** OPNsense\Shadowsocks\Local migration failed from 0.0.0 to 1.0.1, check log for details
When the service is forced to start, the status in the backend log is 127.If you know, please tell me what I should pay attention to?
#6
25.7 Series / Re: upgrade to 25.7 -> bootloader too old
July 28, 2025, 10:18:39 PMQuote from: tessus on July 28, 2025, 08:54:23 PM@Patrick Sure, here you go:Code Selectroot@cator00r:~ # gpart show -l
=> 40 234441568 ada0 GPT (112G)
40 409600 1 (null) (200M)
409640 1024 2 bootfs (512K)
410664 215567272 3 rootfs (103G)
215977936 16777216 4 swapfs (8.0G)
232755152 1686456 - free - (823M)
Maybe first correct the file system type from null to efi? For example - "gpart modify -i 1 -t efi ada0"
#7
25.7 Series / Re: upgrade to 25.7 -> bootloader too old
July 28, 2025, 06:51:52 PMQuote from: beneix on July 28, 2025, 06:00:16 PMNo compilation required, it's just a script. Download it, chmod +x it and run it as root.Quote from: Slashing on July 28, 2025, 01:39:12 AMHello! There is a small utility for checking the bootloader.I have never compiled anything from scratch on my OPNsense system. How would I go about installing this utility?
#8
25.7 Series / Re: upgrade to 25.7 -> bootloader too old
July 28, 2025, 01:39:12 AM
Hello! There is a small utility for checking the bootloader.
#9
25.1, 25.4 Series / Re: OPNsense breaks when updating to 25.1.6
May 16, 2025, 12:58:02 AM
Hi!Try this
At boot loader prompt, choose to configure boot options (or similar wording) and try:
unset hint.uart.1.at
boot
If this works, you can permanently comment the
Code:
hint.uart.1.at="isa"
entry in /boot/device.hints
At boot loader prompt, choose to configure boot options (or similar wording) and try:
unset hint.uart.1.at
boot
If this works, you can permanently comment the
Code:
hint.uart.1.at="isa"
entry in /boot/device.hints
#10
25.1, 25.4 Series / Re: 25.1.5 ikev2 with radius authentication is broken
April 10, 2025, 08:58:03 PM
Thanks Franco. You're awesome. Everything is working fine with the patch.
#11
25.1, 25.4 Series / Re: 25.1.5 ikev2 with radius authentication is broken
April 10, 2025, 07:59:37 PM
Thanks for the answer.
# /usr/local/opnsense/mvc/script/run_migrations.php - nothing in response, strongswan.conf also does not change
# /usr/local/opnsense/mvc/script/run_migrations.php - nothing in response, strongswan.conf also does not change
#12
25.1, 25.4 Series / 25.1.5 ikev2 with radius authentication is broken - Solved
April 10, 2025, 05:09:36 PM
Hi there. After updating from 25.1.4 to 25.1.5 ikev2 broke.
empty section with radius parameters in /usr/local/etc/strongswan.conf
empty section with radius parameters in /usr/local/etc/strongswan.conf
Code Select
2025-04-10T09:53:13-05:00 Informational charon 16[NET] <77fea0b5-6d41-4707-a27a-fe283cc74685|4> sending packet: from 208.124.xx.xxx[4500] to 45.21.xx.xxx[4500] (65 bytes)
2025-04-10T09:53:13-05:00 Informational charon 16[ENC] <77fea0b5-6d41-4707-a27a-fe283cc74685|4> generating IKE_AUTH response 2 [ EAP/FAIL ]
2025-04-10T09:53:13-05:00 Informational charon 16[IKE] <77fea0b5-6d41-4707-a27a-fe283cc74685|4> loading EAP_RADIUS method failed
2025-04-10T09:53:13-05:00 Informational charon 16[IKE] <77fea0b5-6d41-4707-a27a-fe283cc74685|4> received EAP identity 'user'
2025-04-10T09:53:13-05:00 Informational charon 16[ENC] <77fea0b5-6d41-4707-a27a-fe283cc74685|4> parsed IKE_AUTH request 2 [ EAP/RES/ID ]
2025-04-10T09:53:13-05:00 Informational charon 16[NET] <77fea0b5-6d41-4707-a27a-fe283cc74685|4> received packet: from 45.21.xx.xxx[4500] to 208.124.xx.xxx[4500] (72 bytes)
2025-04-10T09:53:13-05:00 Informational charon 16[NET] <77fea0b5-6d41-4707-a27a-fe283cc74685|4> sending packet: from 208.124.xx.xxx[4500] to 45.21.xx.xxx[4500] (163 bytes)
2025-04-10T09:53:13-05:00 Informational charon 16[ENC] <77fea0b5-6d41-4707-a27a-fe283cc74685|4> generating IKE_AUTH response 1 [ IDr AUTH EAP/REQ/ID ]
2025-04-10T09:53:13-05:00 Informational charon 16[IKE] <77fea0b5-6d41-4707-a27a-fe283cc74685|4> authentication of 'vpn.on_opnsense.com' (myself) with ECDSA-256 signature successful
2025-04-10T09:53:13-05:00 Informational charon 16[IKE] <77fea0b5-6d41-4707-a27a-fe283cc74685|4> received ESP_TFC_PADDING_NOT_SUPPORTED, not using ESPv3 TFC padding
2025-04-10T09:53:13-05:00 Informational charon 16[IKE] <77fea0b5-6d41-4707-a27a-fe283cc74685|4> peer supports MOBIKE
2025-04-10T09:53:13-05:00 Informational charon 16[IKE] <77fea0b5-6d41-4707-a27a-fe283cc74685|4> initiating EAP_IDENTITY method (id 0x00)
2025-04-10T09:53:13-05:00 Informational charon 16[CFG] <77fea0b5-6d41-4707-a27a-fe283cc74685|4> selected peer config '77fea0b5-6d41-4707-a27a-fe283cc74685'
2025-04-10T09:53:13-05:00 Informational charon 16[CFG] <4> looking for peer configs matching 208.124.xx.xxx[vpn.on_opnsense.com]...45.21.xx.xxx[user]
2025-04-10T09:53:13-05:00 Informational charon 16[ENC] <4> parsed IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr CPRQ(ADDR MASK DHCP DNS ADDR6 DHCP6 DNS6 DOMAIN) N(ESP_TFC_PAD_N) N(NON_FIRST_FRAG) SA TSi TSr N(MOBIKE_SUP) N(EAP_ONLY) ]
2025-04-10T09:53:13-05:00 Informational charon 16[ENC] <4> unknown attribute type INTERNAL_DNS_DOMAIN
2025-04-10T09:53:13-05:00 Informational charon 16[NET] <4> received packet: from 45.21.xx.xxx[4500] to 208.124.xx.xxx[4500] (340 bytes)
2025-04-10T09:53:13-05:00 Informational charon 16[NET] <4> sending packet: from 208.124.xx.xxx[500] to 45.21.xx.xxx[500] (288 bytes)
2025-04-10T09:53:13-05:00 Informational charon 16[ENC] <4> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
2025-04-10T09:53:13-05:00 Informational charon 16[IKE] <4> remote host is behind NAT
2025-04-10T09:53:13-05:00 Informational charon 16[CFG] <4> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_384/ECP_384
2025-04-10T09:53:13-05:00 Informational charon 16[IKE] <4> 45.21.xx.xxx is initiating an IKE_SA
2025-04-10T09:53:13-05:00 Informational charon 16[ENC] <4> parsed IKE_SA_INIT request 0 [ SA KE No N(REDIR_SUP) N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) ]
2025-04-10T09:53:13-05:00 Informational charon 16[NET] <4> received packet: from 45.21.xx.xxx[500] to 208.124.xx.xxx[500] (272 bytes)
#13
24.7, 24.10 Series / Re: 24.7.11_2. PHP error in IPsec/Mobile Clients
December 19, 2024, 09:56:50 AM
Thanks! It worked. You awesome!
#14
24.7, 24.10 Series / Re: 24.7.11_2. PHP error in IPsec/Mobile Clients
December 19, 2024, 09:37:38 AM
Ty for the quick answer. I did both, but no luck
Code Select
***GOT REQUEST TO AUDIT HEALTH***
Currently running OPNsense 24.7.11_2 (amd64) at Thu Dec 19 11:27:26 MSK 2024
>>> Root file system: zroot/ROOT/default
>>> Check installed kernel version
Version 24.7.10 is correct.
>>> Check for missing or altered kernel files
No problems detected.
>>> Check installed base version
Version 24.7.10 is correct.
>>> Check for missing or altered base files
No problems detected.
>>> Check installed repositories
OPNsense (Priority: 11)
>>> Check installed plugins
os-acme-client 4.6
os-apcupsd 1.2_3
os-bind 1.33_1
os-crowdsec 1.0.8_1
os-ddclient 1.26
os-freeradius 1.9.26
os-frr 1.42
os-git-backup 1.0_3
os-smart 2.3
>>> Check locked packages
No locks found.
>>> Check for missing package dependencies
Checking all packages: .......... done
>>> Check for missing or altered package files
Checking all packages: .......... done
>>> Check for core packages consistency
Core package "opnsense" at 24.7.11_2 has 69 dependencies to check.
Checking packages: ...................................................................... done
***DONE***
#15
24.7, 24.10 Series / 24.7.11_2. PHP error in IPsec/Mobile Clients
December 19, 2024, 07:07:02 AM
Hi there. Something went wrong
To reproduce the error, click Save and then click Apply Changes.
To reproduce the error, click Save and then click Apply Changes.
Code Select
[18-Dec-2024 23:53:55 America/Chicago] TypeError: call_user_func_array(): Argument #1 ($callback) must be a valid callback, function "system_routing_configure" not found or invalid function name in /usr/local/etc/inc/plugins.inc:323
Stack trace:
#0 /usr/local/etc/inc/plugins.inc.d/ipsec.inc(1609): plugins_configure('route_reload', false, Array)
#1 /usr/local/www/vpn_ipsec_mobile.php(82): ipsec_configure_do()
#2 {main}
