Messages

Nobody?


Cheers,
Franco

Franco,

Sorry wasn't able to break the network again before calling it a night. People get upset during TV time. Anyways, I updated to _7, changed the alias back to URL vice Host, flushed the alias via diagnostics and it refreshed correctly pulling the information. I'll watch the logs on it and let you know if it doesn't hold.

Thanks for correcting the problem.

I had a similar issue. But also had an alias issue I fixed the alias issue and multi gateways with manual nat started working right away. This only impacted vlans using the broken aliases.

Fixing the alias issue corrected both problems. Hopefully this gets addressed.

Franco I applied the hot fix and rebooted and still have empty alias tables.

same problem

I think I found part of the problem. I had an alias with URLs in it that were failing to resolve because they didn't have https in front of them. This previously didn't cause an issue on older versions. But disalbing that alias allowed other aliases to populate. So there's an issue if an alias can't populate that it stops updating ones further down the list.

Example error message.

error fetching alias url us.archive.ubuntu.com (Invalid URL 'us.archive.ubuntu.com': No scheme supplied. Perhaps you meant https://us.archive.ubuntu.com?)

you're right, i resolved modifing the type from "url" to "Host/s" in the alias that in Content has "archive.ubuntu.com"

now the command /usr/local/opnsense/scripts/filter/update_tables.py --> {"status": "ok"}
aliases are populated now

I made that change as well and it also fixed the alias problem.

Franco I applied the hot fix and rebooted and still have empty alias tables.

same problem

I think I found part of the problem. I had an alias with URLs in it that were failing to resolve because they didn't have https in front of them. This previously didn't cause an issue on older versions. But disalbing that alias allowed other aliases to populate. So there's an issue if an alias can't populate that it stops updating ones further down the list.

Example error message.

error fetching alias url us.archive.ubuntu.com (Invalid URL 'us.archive.ubuntu.com': No scheme supplied. Perhaps you meant https://us.archive.ubuntu.com?)

Franco I applied the hot fix and rebooted and still have empty alias tables.

Gateways

Since upgrading to 25.7.3 and _3 I've had nothing but issues with aliases and policy based routing. Also haivng my OPNVPN clients turned on acting as gateways kills external routing on my two vlans that potentially use them. If I turn off the OPNVPN clients routing returns. I've confirmed alsiases aren't working by plugging in the IP address of a machine I want VPN routed and the rule works.

So it's always DNS, but I don't know what setting I'm missing that would allow it to work on the default gateway and not the WAN.

So I did some further testing and I can assign a VPN as the gateway on VLAN 120 or VLAN 69 and it gets an internet connection without any problem. But still can't assign the WAN. I attempted to make a WAN group with just the WAN in and it doesn't work either.

So there's something with the WAN I'm missing I think?

I recently updated to 23.1.8 and started having an issue. The first issue was VPN gateways not getting IP addresses for the actual gateway, I resolved this by allowing them to pull routes and I thought all was well. But I discovered later one of my secondary LANs for my wife and guest stopped working IF the VPNs pull routes and I try to force those VLANs out of the WAN4 gateway.

I'm not using IPv6 inside of my network. VLAN 20 has always used the WAN4 gateway option vice default. VLAN 120 and 69 have used the default. When I try to force them out WAN4 they just stop routing traffic out. The firewall logs show the traffic passing out of the VLAN. I've attached screenshots of NAT and Firewall rules. Any ideas here I'm at a loss as I've tried everything that makes sense.

JLAN is VLAN69
LAN is VLAN20