Messages

I just remember that I had an issue between os-net-snmp plugin and bsmpd.

When os-net-snmpd was installed it was listenning on port 161 and when I started bsnmpd it said "Starting bsnmpd." But it did not started as the port was already in use.

Did you check if another service was already listening on port 161?
That is why I was unable to launch bsnmpd. I had to kill the process (I don't remember the name of the process).

Hi,

here is what I would do :
1) Locate the issue (which equipement is it coming from?) ;
2) Identify the component/service responsible for the issue ;

Your network tools :
- Ping/Traceroute ;
- Packet capture ;
- Logs.

Based on you architecture, you should check whether the latency is seen by your OPNsense.
Todo so, you can go to "Interfaces / Diagnostics / ping or trace route or packet capture".

If latencies are still present then it's between you virtual OPNsense and webserver. If not, it's betweeen the AP and your virtual OPNsense.
Knowing that is almost half the job ;)

Good luck.

Can you show us a screenshot of the configuration of your VLAN CORE for example in :

• Interfaces / vlan core (or whatever you named it)"
• Interfaces / Assignment / vlan core
• Interfaces / Other Types / vlan core / edit (the small pencil)

[access port for vlan 2]

Hi!

Can you show how you configured your DHCP?

Also, did you configured the port where you plug your device as an access port for vlan 2?

It should not be a firewall rule issue as OPNsense add automaticaly an "allow" DHCP rule when you activate DHCP on an interface.

You can check if your firewall see your device DHCP request by doing packet capture here : "Interfaces / Diagnostics / Packet capture".
I suggest you select all interfaces to be sure that you are not missing any traffic.
It's also possible to look at DHCP logs here : "Services / DHCP / Log File".

You can see my DHCP configuration in attachment.

Cheers

Hi!

How did you reset your device?

In the GUI it's possible to do so by going in "System / Defaults" (see attachment).
I have never used it yet so please tell me if if worked.

Cheers,

Hey !

Well it does DNS and DHCP (look at the attachment).

For other services, you can develop small scripts and use them in Zabbix to monitor your services.
You already saw my other thread but I'll link it for other people : https://forum.opnsense.org/index.php?topic=33481.msg182023#msg182023.

I will work a bit on improving the supervision and if I'm successful I'll drop a tutorial since it seems to be inexistent...

Hello,

I was looking for the same and here is what I found so far.
You can use the following MIB :

• BEGEMOT-PF-MIB
• HOST-RESOURCES-MIB
• IF-MB

Source : https://www.zabbix.com/integrations/opnsense#opnsense_snmp
Here is how I use Zabbix to monitor OPNsense : https://forum.opnsense.org/index.php?topic=33481.msg182023#msg182023

Be advised that Decisio do not provide an official documentation on how to monitor your OPNsense using an external tool.

Hopes this helps.

I just remember that I had an issue between os-net-snmp plugin and bsmpd.

When os-net-snmpd was installed it was listenning on port 161 and when I started bsnmpd it said "Starting bsnmpd." But it did not started as the port was already in use.

I'm not sure which plugin you are using, here is mine : (attachment).

Zabbix is in my PRODUCTION network and is communicating with OPNsense in ADMINISTRATION network.

From PRODUCTION to ADMINISTRATION : check attachment.
From ADMINISTRATION to PRODUCTION : check attachment.

"Services_Supervision" = ports 10050 and 10051.

If you want to be sure that it's not a rule issue, you could allow all communication between zabbix and your OPNsense but don't forget to be more restrictive once your test is over.

Logs are your friend as well ;)

[23.4]

I am a bit behind schedule for updating. My OPNsense is still in 23.4.

I will wait for 24.1 before upgrading and hope that it still works...

Are you sure that you have the same community configured between your OPNsense and Zabbix?
Have you restarted bsnmpd ?

[^·*]

Hello testo !

So far, so good, bsnmpd is working fine. The only issue is that bsnmp service does not show up in the GUI which is not optimal for checking its status.

I only found documentation around snmp plugin for opnsense but they were not compatible with BEGEMOT-MIB. That's why I tried bsnmp with the same zabbix template as yours (https://www.zabbix.com/integrations/opnsense). And that's working perfectly fine.

Well I had to make one adjusment in this template otherwise interfaces weren't discover correctly.
Go to :

- Configuration / Templates / OPNSENSE SNMP / MACROS
- Change the value of the field {$NET.IF.IFADMINSTATUS.MATCHES} to ^·*

I contacted the author and he may have already changed it!

Cheers

[Do not install any SNMP plugin (ie: os-net-snmp)]

Hi,

I struggled as well to understand how to monitor my OPNSense using Zabbix and here is what worked for me.

Do not install any SNMP plugin (ie: os-net-snmp)
It will result in a conflict with bsnmp.

Steps on OPNSense

• Open an OPNSense console (CLI)
• Enable bsnmpd daemon by creating new config file "/etc/rc.conf.d/bsnmpd" with the following content :

Code Select Expand

bsnmpd_enable="YES"

• Uncomment the following lines in "/etc/snmpd.config" file to enable required SNMP modules:

Code Select Expand


read := "your_snmp_community"
begemotSnmpdModulePath."hostres" = "/usr/lib/snmp_hostres.so"
begemotSnmpdModulePath."pf" = "/usr/lib/snmp_pf.so"


• Start bsnmpd daemon with the following command:

Code Select Expand

/etc/rc.d/bsnmpd start

• Setup a firewall rule to get access from Zabbix proxy or Zabbix server by SNMP (https://docs.opnsense.org/manual/firewall.html).

   
Steps on Zabbix

• Create your host
• Link "OPNSense template" to your host
• Link "Template / Network devices" group to your host
• Configure name, IP etc. for your host
• Smile because it works.

Refence for above steps : https://www.zabbix.com/integrations/opnsense

Hope this help.