Messages

Good morning,

after the update to 24.7 (currently on 24.7_9) the community repository apps were updates as well and since then unifi controller starts, and appears running, but I can not access it via port 8443. I tried uninstalling and reinstalling to set it up via 8080 again, but no luck.

Thank you in advance, and happy to provide any additional data to help with diagnosis

Thank you for that. I missed that there was the 'unifi' package without version number.

Hi all and particularly @mimugmail! Thank you for making additional packages available on opnsense. My question: are there any plans to update the os-unifi7-maxit plugin to version 8+ (current: 8.1.127) for compatibility with new hardware such as the U7 Pro (minimum required: 8.0.26)?

hi all,

thank you for all your input. I got it to work. @Maurice you were right on the money. I decided to give your theory a try and just removed the ISP provided modem after checking that they allowed me to connect directly via PPPoE. Initially it would not work on the original opnsense setup that I was working on, but I decided to just scrap everything and reset opnsense to factory settings. After that, it dialled in immediately and I was able to set DHCPv6. Settings:

Interfaces > WAN > IPv4 [PPPoE]
Interfaces > WAN > IPv6 [DHCPv6]
Interfaces > WAN > Dynamic Gateway Policy [X]
Interfaces > WAN > DHCPv6 Client configuration > Request only an IPv6 prefix []
Interfaces > WAN > DHCPv6 Client configuration > Prefix delegation size [56] (provided by my ISP)
Interfaces > WAN > DHCPv6 Client configuration > Send IPv6 prefix hint [X]
Interfaces > WAN > DHCPv6 Client configuration > Use IPv4 connectivity [X] (needed, otherwise no IP is assigned, iiNet, Australia)
Interfaces > WAN > DHCPv6 Client configuration > Use VLAN priority [Disabled]

Interfaces > LAN >  IPv6 Configuration Type [Track Interface]
Interfaces > LAN >  Track Interface > IPv6 [WAN]
Interfaces > LAN >  Track Interface > IPv6 Prefix ID ['0']

I tested it and now IPv6-test.com returns that Native IPv6 is supported, and my Mac also reports a correct IPv6 IP address.

In conclusion I assume that there were two main issues. 1) the modem I used prior was not allowing me to customise it to fit my requirements and setup. It was getting the IP address, but was not able to pass it on. 2) In my various ways of modifying opnsense to try and get it to work, I must have caused issues that made for a bad configuration that I was not able to make work.

[Modem]

Thank you for looking at this!

I checked the logs and I think you are right, dhcp6c is not setup correctly:

Code Select Expand

2024-05-05T05:59:11 Notice dhcp6c server ID: 00:03:00:01:20:b0:01:ac:81:6c, pref=-1
2024-05-05T05:59:11 Notice dhcp6c status code: no prefixes
2024-05-05T05:59:11 Notice dhcp6c get DHCP option status code, len 2
2024-05-05T05:59:11 Notice dhcp6c IA_PD: ID=0, T1=0, T2=0
2024-05-05T05:59:11 Notice dhcp6c get DHCP option IA_PD, len 18
2024-05-05T05:59:11 Notice dhcp6c get DHCP option domain search list, len 5
2024-05-05T05:59:11 Notice dhcp6c get DHCP option DNS, len 16
2024-05-05T05:59:11 Notice dhcp6c get DHCP option opt_82, len 4
2024-05-05T05:59:11 Notice dhcp6c DUID: 00:01:00:01:2d:ac:5e:ef:f4:90:ea:00:f8:43
2024-05-05T05:59:11 Notice dhcp6c get DHCP option client ID, len 14
2024-05-05T05:59:11 Notice dhcp6c DUID: 00:03:00:01:20:b0:01:ac:81:6c
2024-05-05T05:59:11 Notice dhcp6c get DHCP option server ID, len 10
2024-05-05T05:59:11 Notice dhcp6c receive advertise from fe80::22b0:1ff:feac:816c%igc1 on igc1
2024-05-05T05:59:11 Notice dhcp6c reset a timer on igc1, state=SOLICIT, timeo=4, retrans=16873
2024-05-05T05:59:11 Notice dhcp6c send solicit to ff02::1:2%igc1
2024-05-05T05:59:11 Notice dhcp6c set IA_PD
2024-05-05T05:59:11 Notice dhcp6c set IA_PD prefix
2024-05-05T05:59:11 Notice dhcp6c set option request (len 4)
2024-05-05T05:59:11 Notice dhcp6c set elapsed time (len 2)
2024-05-05T05:59:11 Notice dhcp6c set client ID (len 14)

I have now tried it both with iPv4 connectivity turned on and off, no difference.

Unfortunately beyond the information I have given in the original post, I don't know if IPv6 is through a v4 tunnel, however I can try and ask the ISP.

I just checked my modem and perhaps this may be part of the issue why OPNsense reports no prefixes?:

Modem
IPv6 Configuration
Mode: DHCPv6
Status: connected
Enabled [X]
then it reports an IPv6 address, a Gateway, DNS servers and the IPv6 prefix delegation (2001:1111:1111:9700::/56)

Could it be that I need to configure OPNsense differently to link in properly with the modem?

[The Problem]

I have been trying to setup IPv6 as my ISP provides it, and has since 2012. To make this happen I have read a lot of guides/discussions/answers. However I seem to have stumbled across a somewhat unique circumstance and I will try to be as comprehensive as I can to provide info on my problem.

The Problem
I get an IPv6 address on WAN, but I am unable to pass/parse it to LAN. When I set LAN to Track Interface (due to provision of dynamic IPv6, I lose access to GUI with a 503 error (Service Unavailable). DHCPv6 Server attempts to start by does not. After a restart via ssh, I get access to the GUI again.

On dashboard:
- dhcpd6 is red and when I click the start button nothing other than the page refreshing.
- WAN receives an IPv6 address (2001:1111:11111:9700:1111:1111:1111:f844 and shows Gateway (fe80::1111:1111:1111:816c), LAN does not.
I can ping google.com IPv6 fine from router Interfaces > Diagnostics > Ping.

Where am I going wrong in my setup? Thank you for your help in advance

Hardware
DEC700 Series - Opnsense 24.1.6
QNAP 2.5/10Gbe VLAN compatible switch

ISP
My ISP provides a native 'dual stack' IPv4 and IPv6 service. It is turned on and gives me the following:
- An existing IPv4 address (if static) and any existing framed route(s)
- A dynamic /64 IPv6 prefix for your PPP session
- A static /56 IPv6 prefix for your LAN (if you are using a router with Prefix Delegation)
- the delegated static /56 IPv6 prefix is: 2001:1111:11111:9700
- currently the ISP automatic DNS mapping is enabled

OPNsense settings
Firewall > Settings > Advanced > IPv6 Options > Allow IPv6 [X]
I also added a rule for IPv6 for WAN:
PASS - WAN - in - IPv6 - ICMP - Destination Unreachable - any - WAN address

System > Settings > General >Networking > Prefer IPv4 over IPv6 []
System > Settings > General >Networking > DNS server options []

Interfaces > WAN > IPv6 Configuration Type [DHCPv6]
Interfaces > WAN > DHCPv6 client configuration > Request only an IPv6 prefix [] (when ticked, this changes the IP address to start with fe80...)
Interfaces > WAN > DHCPv6 client configuration > Prefix delegation size [56] (in line with ISP provision)
Interfaces > WAN > DHCPv6 client configuration > Send IPv6 prefix hint [X]
Interfaces > WAN > DHCPv6 client configuration > Use IPv4 connectivity [X]
Interfaces > WAN > DHCPv6 client configuration > Use VLAN priority [Disabled]

Interfaces > LAN > IPv6 Configuration Type [Track Interface]
Interfaces > LAN > Track IPv6 Interface > IPv6 Interface [WAN]
Interfaces > LAN > Track IPv6 Interface > IPv6 Prefix ID [1]
Interfaces > LAN > Track IPv6 Interface > Manual configuration []

These settings result in LAN to show under Interfaces:Overview an IPv6 address starting with fe80.../64

Services > ISC DHCPv6  there are no further settings.