OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of gcorre »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - gcorre

Pages: [1]
1
General Discussion / Re: Monitoroing: Missing SNMP Agent support
« on: May 30, 2024, 11:16:41 am »
Quote from: gcorre on November 23, 2023, 05:38:14 pm
I just remember that I had an issue between os-net-snmp plugin and bsmpd.

When os-net-snmpd was installed it was listenning on port 161 and when I started bsnmpd it said "Starting bsnmpd." But it did not started as the port was already in use.

Did you check if another service was already listening on port 161?
That is why I was unable to launch bsnmpd. I had to kill the process (I don't remember the name of the process).

2
General Discussion / Re: Improved OPNsense latency and performance - New setup
« on: December 12, 2023, 01:34:34 pm »
Hi,

here is what I would do :
1) Locate the issue (which equipement is it coming from?) ;
2) Identify the component/service responsible for the issue ;

Your network tools :
- Ping/Traceroute ;
- Packet capture ;
- Logs.

Based on you architecture, you should check whether the latency is seen by your OPNsense.
Todo so, you can go to "Interfaces / Diagnostics / ping or trace route or packet capture".

If latencies are still present then it's between you virtual OPNsense and webserver. If not, it's betweeen the AP and your virtual OPNsense.
Knowing that is almost half the job ;)

Good luck.

3
General Discussion / Re: I Set Up A VLAN But Can't Ping Systems On It
« on: December 07, 2023, 06:19:28 pm »
Can you show us a screenshot of the configuration of your VLAN CORE for example in :
  • Interfaces / vlan core (or whatever you named it)"
  • Interfaces / Assignment / vlan core
  • Interfaces / Other Types / vlan core / edit (the small pencil)


4
General Discussion / Re: I Set Up A VLAN But Can't Ping Systems On It
« on: December 05, 2023, 06:54:48 pm »
Hi!

Can you show how you configured your DHCP?

Also, did you configured the port where you plug your device as an access port for vlan 2?

It should not be a firewall rule issue as OPNsense add automaticaly an "allow" DHCP rule when you activate DHCP on an interface.

You can check if your firewall see your device DHCP request by doing packet capture here : "Interfaces / Diagnostics / Packet capture".
I suggest you select all interfaces to be sure that you are not missing any traffic.
It's also possible to look at DHCP logs here : "Services / DHCP / Log File".

You can see my DHCP configuration in attachment.

Cheers

5
General Discussion / Re: No factory reset...
« on: December 05, 2023, 06:17:56 pm »
Hi!

How did you reset your device?

In the GUI it's possible to do so by going in "System / Defaults" (see attachment).
I have never used it yet so please tell me if if worked.

Cheers,

6
General Discussion / Re: Monitoring Zabbix
« on: December 05, 2023, 06:14:31 pm »
Hey !

Well it does DNS and DHCP (look at the attachment).

For other services, you can develop small scripts and use them in Zabbix to monitor your services.
You already saw my other thread but I'll link it for other people : https://forum.opnsense.org/index.php?topic=33481.msg182023#msg182023.

I will work a bit on improving the supervision and if I'm successful I'll drop a tutorial since it seems to be inexistent...

7
General Discussion / Re: OID - SNMP
« on: December 05, 2023, 06:01:38 pm »
Hello,

I was looking for the same and here is what I found so far.
You can use the following MIB :
  • BEGEMOT-PF-MIB
  • HOST-RESOURCES-MIB
  • IF-MB

Source : https://www.zabbix.com/integrations/opnsense#opnsense_snmp
Here is how I use Zabbix to monitor OPNsense : https://forum.opnsense.org/index.php?topic=33481.msg182023#msg182023

Be advised that Decisio do not provide an official documentation on how to monitor your OPNsense using an external tool.

Hopes this helps.

8
General Discussion / Re: Monitoroing: Missing SNMP Agent support
« on: November 23, 2023, 05:38:14 pm »
I just remember that I had an issue between os-net-snmp plugin and bsmpd.

When os-net-snmpd was installed it was listenning on port 161 and when I started bsnmpd it said "Starting bsnmpd." But it did not started as the port was already in use.

9
General Discussion / Re: Monitoroing: Missing SNMP Agent support
« on: November 21, 2023, 11:39:43 am »
I'm not sure which plugin you are using, here is mine : (attachment).
 

10
General Discussion / Re: Monitoroing: Missing SNMP Agent support
« on: November 20, 2023, 05:49:40 pm »
Zabbix is in my PRODUCTION network and is communicating with OPNsense in ADMINISTRATION network.

From PRODUCTION to ADMINISTRATION : check attachment.
From ADMINISTRATION to PRODUCTION : check attachment.

"Services_Supervision" = ports 10050 and 10051.

If you want to be sure that it's not a rule issue, you could allow all communication between zabbix and your OPNsense but don't forget to be more restrictive once your test is over.

Logs are your friend as well ;)

11
General Discussion / Re: Monitoroing: Missing SNMP Agent support
« on: November 20, 2023, 01:59:48 pm »
I am a bit behind schedule for updating. My OPNsense is still in 23.4.

I will wait for 24.1 before upgrading and hope that it still works...

Are you sure that you have the same community configured between your OPNsense and Zabbix?
Have you restarted bsnmpd ?

12
General Discussion / Re: Monitoroing: Missing SNMP Agent support
« on: October 03, 2023, 10:55:03 am »
Hello testo !

So far, so good, bsnmpd is working fine. The only issue is that bsnmp service does not show up in the GUI which is not optimal for checking its status.

I only found documentation around snmp plugin for opnsense but they were not compatible with BEGEMOT-MIB. That's why I tried bsnmp with the same zabbix template as yours (https://www.zabbix.com/integrations/opnsense). And that's working perfectly fine.

Well I had to make one adjusment in this template otherwise interfaces weren't discover correctly.
Go to :

 - Configuration / Templates / OPNSENSE SNMP / MACROS
 - Change the value of the field {$NET.IF.IFADMINSTATUS.MATCHES} to ^·*

I contacted the author and he may have already changed it!

Cheers

13
General Discussion / Re: Monitoroing: Missing SNMP Agent support
« on: September 21, 2023, 05:58:06 pm »
Hi,

I struggled as well to understand how to monitor my OPNSense using Zabbix and here is what worked for me.

Do not install any SNMP plugin (ie: os-net-snmp)
It will result in a conflict with bsnmp.

Steps on OPNSense
  • Open an OPNSense console (CLI)
  • Enable bsnmpd daemon by creating new config file "/etc/rc.conf.d/bsnmpd" with the following content :
Code: [Select]
bsnmpd_enable="YES"
  • Uncomment the following lines in "/etc/snmpd.config" file to enable required SNMP modules:
Code: [Select]
read := "your_snmp_community"
begemotSnmpdModulePath."hostres" = "/usr/lib/snmp_hostres.so"
begemotSnmpdModulePath."pf" = "/usr/lib/snmp_pf.so"
  • Start bsnmpd daemon with the following command:
Code: [Select]
/etc/rc.d/bsnmpd start
  • Setup a firewall rule to get access from Zabbix proxy or Zabbix server by SNMP (https://docs.opnsense.org/manual/firewall.html).
   
Steps on Zabbix
  • Create your host
  • Link "OPNSense template" to your host
  • Link "Template / Network devices" group to your host
  • Configure name, IP etc. for your host
  • Smile because it works.

Refence for above steps : https://www.zabbix.com/integrations/opnsense

Hope this help.

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2