Messages

Since the last update I have not experienced this issue anymore. I don't know if it has been fixed somehow or if the issue was something else but I am glad this keeps working.

I will report back in a few days if it comes back or not. So far, thanks for all the help! :-)

Edit: Just noticed there is another update, so with "last" update I mean version "24.7.1", just to be more specific.

GUI listening on all interfaces?
Problem is only UI, it hangs at login attempt and ssh all fine, right?
Also see if any clues in the browser's dev tools "ctr+shift+I" on many.

If it was not listening on all interfaces, would this not mean that I would not be able to connect to it at all? Because, as I have said, the first day(s) after a shutdown/boot cycle it works as expected.

SSH is sort-of fine. There was one instance where it stopped working as well, which was followed by my network losing its connection. This was fixed by the reboot, but I have only experienced this once. Thus, it might be disregarded.

Currently it works - I was on vacation and shut everything down while being away. I will keep the devtools in mind next time it starts acting up.

Hey, thanks for the response! I don't think this is related but to avoid any uncertainties it is still worth investigating. That being said, I don't know where to start looking or how to analyse this issue.

So, any hints would be appreciated.

Sure thing, thanks! I wanted to post it yesterday but it seems to have recovered. Here you go:
https://pastebin.com/dvd70Lmt

I am wondering if me not logging out of the WebClient and letting it run into an expiration might be causing this. (I have not changed expiration settings, so if there are any they are default.)

I have created a thread of my own now since those two issues do not seem to be the same:
https://forum.opnsense.org/index.php?topic=41836.0

Good luck with your problem.

Since the other thread (https://forum.opnsense.org/index.php?topic=41818.0 )seems like a completely different issue I have decided to open this thread here.

After the update before the latest one - although I am not 100% sure that the update was causing the issue - I am unable to log into the WebUI after my DEC740 has run for a while. So, usually after a cold boot I can access the UI and log into it and change settings if I so desire. However, after a few days when I visit the WebUI it shows up but I just hangs during my login attempt. (I can then try on a different device.) During the whole time, I can connect via ssh. That being said, I have experienced the firewall to stop working after some time of not being reachable.

To solve the issue, I have to shut it down and then leave it unplugged for 1-2mins. Afterwards, everything works again until some time has passed.

I don't know which logs are needed or what info you need to help me solve the issue, so please just let me know and I will try to provide it.

Well, the question now is if this is a known issue and how many other users are having this problem. (Maybe there are also some logs they would need from our side.)

Let's wait and see and of course hope it will be fixed soon if it turns out to be a software issue. Which device are you running OPNsense currently on btw? (I have a DEC740)

I have the same (similar) issue, however mine started with the one before the last major update.

SSH does as expected, but a restart does not solve the problem. I have also once experienced this problem becoming worse and SSH also not being accessible (even though the firewall was working as expected). A few hours later, the firewall also stopped working.

What solves this problem for me is either shutting down or unplugging the firewall and leaving it unplugged for 1-2 minutes. Then, after the boot everything works fine for a few days and then the cycle repeats.

I sort of have a Band Aid fix for the issue now by doing the following:

Since I have a DEC740 device I have three RJ45 ports at my disposal with Port 0 and Port 1 by default being assigned to LAN and set to 1000baseT <full-duplex> as well as WAN and 100base respectively.

So, I went into Interfaces>Assignments and set WAN to use igb2 (aka Port 2). Now, I do have 1000baseT <full-duplex> on my WAN again.

This makes me wonder though as the output below shows that all three ports use the same networking device. Thus, a driver/kernel issue can be ruled out, right?

Code Select Expand


azulath@OPNsense:~ % pciconf -lv | grep -A1 -B3 network
igb0@pci0:2:0:0: class=0x020000 rev=0x03 hdr=0x00 vendor=0x8086 device=0x1539 subvendor=0x8086 subdevice=0x0000
    vendor     = 'Intel Corporation'
    device     = 'I211 Gigabit Network Connection'
    class      = network
    subclass   = ethernet
igb1@pci0:3:0:0: class=0x020000 rev=0x03 hdr=0x00 vendor=0x8086 device=0x1539 subvendor=0x8086 subdevice=0x0000
    vendor     = 'Intel Corporation'
    device     = 'I211 Gigabit Network Connection'
    class      = network
    subclass   = ethernet
igb2@pci0:4:0:0: class=0x020000 rev=0x03 hdr=0x00 vendor=0x8086 device=0x1539 subvendor=0x8086 subdevice=0x0000
    vendor     = 'Intel Corporation'
    device     = 'I211 Gigabit Network Connection'
    class      = network
    subclass   = ethernet
--
    class      = non-essential instrumentation
ax0@pci0:6:0:1: class=0x020000 rev=0x00 hdr=0x00 vendor=0x1022 device=0x1458 subvendor=0x1022 subdevice=0x1458
    vendor     = 'Advanced Micro Devices, Inc. [AMD]'
    class      = network
    subclass   = ethernet
ax1@pci0:6:0:2: class=0x020000 rev=0x00 hdr=0x00 vendor=0x1022 device=0x1458 subvendor=0x1022 subdevice=0x1458
    vendor     = 'Advanced Micro Devices, Inc. [AMD]'
    class      = network
    subclass   = ethernet


Now that I think of it, my ISP's modem died two weeks ago, could it be that it fried my Port 1?

Anyway, any help or ideas would definitely still be appreciated.

I posted this question on reddit as well as in another forum and those are the steps I have done so far:

I used two different cables on different ports on my ISP's modem and tested the settings on my notebook with the following result:

Code Select Expand


~ ❯ ifconfig
...
en7: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=404<VLAN_MTU,CHANNEL_IO>
...
inet 192.168.0.94 netmask 0xffffff00 broadcast 192.168.0.255
nd6 options=201<PERFORMNUD,DAD>
media: autoselect (1000baseT <full-duplex>)
status: active

~ ❯ ifconfig
...
en7: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=404<VLAN_MTU,CHANNEL_IO>
...
media: autoselect (1000baseT <full-duplex>)
status: active


Both cables/ports use the correct 1000baseT <full-duplex> while both are set to 100baseTX <half-duplex> in my OPNsense.

Furthermore, I would like to point out that I am using a https://shop.opnsense.com/product/dec740-opnsense-desktop-security-appliance/, so the hardware should definitely be supported.

Additionally, I am quite sure this issue appeared after I updated to OPNsense 24.1.9.

Edit: I tried downgrading via sudo opnsense-revert -r 24.1.8 opnsense but the issue persists. (Have not tried downgrading the kernel since it is not advised.)

I have a 150MBit Internet connection but during the last few days I have noticed that I am limited to roughly 10-15Mbit. After doing a few tests I narrowed the issue down to the firewall and when looking at the dashboard and when browsing through my settings I noticed the WAN's speed was set to 100baseTX <half-duplex>
.

I tried setting it to 1000baseT <full-duplex> like LAN and IoT put this results in no Internet connection. When I directly connect a computer to the modem I am able to get my full Internet speed, so this does not seem to be the problem.

Additionally, I think the issue only occurred (was noticed) yesterday and I did have my full Internet speed a few days prior while no changes to the firewall or my network setup have been made, aside from installing the newest update.

Another problem I have noticed is that after a reboot of the firewall I sometimes did not get a WAN connection (just like when I used 1000baseT), but since I have manually set it to 100baseTX this seems to be solved now.

Any help on how to resolve this issue would be greatly appreciated!

Edit: The OPNsense version I am currently using is OPNsense 24.1.9_4-amd64 and FreeBSD 13.2-RELEASE-p11 on a AMD Ryzen Embedded V1500B (4 cores, 8 threads) machine.

After a reboot of the notebook and attaching the DEC740 to a different USB port I am able to see /dev/ttyUSB0

However, I am not able to enter much. It does seem to connect to it though, since once it mentioned something like amd/freeBSD and another time it asked for a login but I was not able to enter anything. If I press ctrl-a for a while it prints ^A, but ctrl-a-z does not show any help regarding special keys.

As terminal software, I'm using the normal GNOME one and I have also tried macOS' terminal when connecting via ssh.

I am also able to open both minicom and screen at the same time, whereas an additional minicom says the device is locked.

I rebooted the device again and this time I was able to access the firewall. So, now I can configure it properly again and set it up. Thank you very much for your help  :)

A quick google search did not reveal the need to install or load drivers on Manjaro, but I will continue to search more thoroughly.

Maybe a reboot is required? Not sure though since I did not install anything.

As for the DEC740 device, I have plugged in the cable that came with the firewall into the microUSB port labeled with "serial" and I am using a random USB-A port on my notebook. I assume this checks out?

Thank you very much for the response. I have already discovered the device via lsusb, unfortunately there is no /dev/ttyUSB0 nor /dev/ttyXRB0.

That being said, I would like to point out that this is the first time I try to use the serial interface of a device and therefore I could make some noob mistake in the process.

As a system, I'm running 6.1.22-1-MANJARO if this is any help.

I have purchased a DEC740 but unfortunately, I have messed up my network settings due to an error and now I do not know how I can connect to this device.

I have looked for a reset button, but I haven't found anything like that and my notebook just gets a self assigned IP with no way to connect to the router. (The IP it pick is 169.254.165.210 with a 0xffff0000 netmask. I have tried pinging the broadcast address, but I do not get any response.)

I now wanted to use a serial USB install and connect the device like so, but I also cannot see any device like ttyS0 or ttyUSB0.

Any help would be appreciated!

Edit 1: After I reconnected the device via USB I did find a couple of /dev/ttySX devices and /dev/ttyS0 sort of opens a connection with "sudo screen /dev/ttyS0 115200". Unfortunately, nothing happens afterwards and the screen simply remains empty.

Edit 2: ok ttyS0 is something different. I'm also using the cable the came with the device, so I assume when I connect this is should in fact by ttyUSB and not ttyX.

Edit 3: I sort of fear that the serial port has been deactivated after the "successful" configuration...