Messages

I notice sometimes that vnstat is not running, despite it being enabled. I'm not super familiar with BSD (far more experience with Linux), but is there a way to schedule a cron job or something to check whether vnstat is running and start it if it is not? I don't want to restart it if it is running tho.

Also, I was just poking around in the terminal a bit and I have yet to find a log for vnstat, where might that be? Perhaps I can find out why vnstat stops seemingly randomly.

Thanks.

Hello, I have a set up involving a remote power switch that is set up to automatically restart my cable modem if the connection goes down.  However, I also have a backup 5G modem that is included in my grouped gateway.  What I would like to do is limit the IP address of the remote power switch to only using the cable modem as an internet gateway, that way it will still restart the cable modem if the connection goes down, but the backup 5G connection is still working.  I've tried various combinations of firewall rules, but the remote power switch keeps having access to the internet when the cable modem is unplugged. 

How can I do this?  I do not have the option to put the remote power switch on a vlan, as I do not have a managed switch.

Thanks.

Trying to configure dynamic dns with a godaddy domain, and getting "Customer identified by login and password options denied permission" as an error is the closest I've been able to get.

Username is the API Key, password is the secret key.  I do have "lock" enabled for the domain... but I don't see anything in the godaddy documentation that explains what that means... do I need to unlock it in order to be able to update the IP address automatically via the opnsense plugin?  I suspect there may be something on the godaddy side of things that's misconfigured, but I haven't been able to find anything useful to tell me what that may be.

Please let me know what I"m doing wrong.

Thanks.

Trying to set up a VPN server via the new instances method, but I cannot get it to match common names.  If I turn on strict matching, I simply cannot connect.  If I have strict matching turned off, I can connect, but the connection shows up as UNDEFINED under the client name, and client specific overrides are not applied.

I created a new user name (tethys), crated certificates (tethys was entered as the common name), and am logging in with the user name tethys.

No idea what to troubleshoot... everything seems like it should be set up properly.  The same config works fine under legacy.

Well, I did the update to 24.1.5 and as far as I can tell everything went smoothly.  Now I can just reinstall with zfs at my leisure.

One of these days I also need to get around to migrating my OpenVPN config to the new instances...

The plan would be to basically upgrade immediately. Where would the older install image be available for download tho? I was hoping there would be install images on GitHub, but that doesn't seem to be the case.

I am currently using ufs for the root file system of my install, but would like to migrate to zfs in order to take advantage of snapshots.  Probably the best way to do this would be to reinstall 23.7, restore config from backup, take snapshot, then update to the current release.  Is there still a download available for the last release of 23.7?  I have an older version of install media saved somewhere, but it is not the last release... I feel like installing an older version and then restoring from my newer backup could possible cause issues, and would like to do this process with the current version that I am running now.

Thoughts? feelings? recommendations? download links?

Thanks!

I have a headache at the moment, so pardon this probably poorly written post... needless to say, this is not something I am looking to take on right at this moment. Perhaps a project for tomorrow or later this weekend.

Yes, but still does not work.  I'm no longer getting a log in prompt, now I just get nothing.

One thing to note, I am on the LAN at the moment.

However, I have installed nginx proxy manager on a LAN server (192.188.0.2) and have forwarded ports 80 and 443 via NAT.  But, if I go to subdomain.domain, rather than this traffic being forwarded to the proxy server and then further redirected to the appropriate server & port (192.188.0.2:2283) I am prompted to log into the router. 

How do I get the results I am looking for?

EDIT: Just had a buddy test and it is not working properly from outside the LAN either.



EDIT2:  Let's just cut to the chase here... can someone tell me how to get reverse proxy working so that I can access my immich server?  That's what I'm trying to do. 

I was able to log in via VPN connection luckily. I would still like to know how to get the local console working again tho

Disabled the anti lock out rule for a dumb reason and am now completely locked out. Cannot even get a login prompt with a display an keyboard directly connected. What do?

Update seemed to relatively smooth.  It did get stuck the first time I was able to log back into the web UI with a message that the router was still booting up, tho it did report traffic, some services were not running (tho I was able to start them manually), and was not able to access the repos (reported no internet connection).  I nervously rebooted, and everything came back up perfectly, including VPN clients.

Before we touch the Question about the Shaper/Shaping. You are saying even if you are streaming media via your LAN you are having drops?

How is your Network designed?
What is your OPN HW?
What is your Internet connection BW?
What is your LAN BW?
Go to this page https://www.dslreports.com/speedtest and run the test, what are the results?
Also please do ping tests between your Host 192.188.0.8 > 192.188.0.2 And 192.188.0.8 to > 1.1.1.1


In regards of the Shaper, there are plenty guides how to do it, mostly the guides even found on this forum work with FQ_CODEL SQM/AQM Shaper that will is implement to Shape WAN in order to prevent buffer bloat. Usually just turning the function, setting ECM and fine tune 2 parameters should be enough of get a A+ ranked performance over WAN. Usually its done in very simple way > 2 Ques, 2 Pipes > 2 Rules, one for download one for upload. In a specific case you need to give more BW to a specific client or APP you can to a more granular segregation and set the Weight Parameter.

However per your description, this doesn't look to be a congestion/saturation problem.

Regards,
S.

What's so special about this test?  I cannot get it to run, even without unbound or any adblocking extensions enabled.

Kikusenko Firewall Micro Appliance, Mini PC Celeron J4125 Quad Core, 4 lntel i226-V 2.5G Nics Ports, AES-NI, Barebone, Soft Router, VPN, 8GB RAM 128GB SSD https://a.co/d/73zJ3Oj

I'll answer what I can from where I am right now

Network starts with a Comcast cable router in gateway mode (only provides public IP) > opnsense router > my previous TPLink router set up as an AP (also serving as the main switch).

Plugged into the switch is my file server and the MoCA 2 adapter which runs the connection to my living room, from there it goes to another switch that the streamer & media PC is plugged into.

MoCA adapter provides 700mbit/s so that should be plenty of bandwidth.

At this point my plan is to put another gigabit switch between the router and AP, perhaps the TP Link is just not up to the task.

I have 7 devices connected to the network, but not all are ever really being used at the same time.