Messages - SMiTTY

#1
I have this working on OPNsense 25.7.1_1-amd64. There were bugs in prior versions and I was unable to make it work. I would give it a go. If you are still having problems, let me know and I'll try to assist.

I am running 2 tunnels and BGP. 1 tunnel is preferred with a lower metric (100 vs 200). Failover works and I am happy with my setup.
#2
Is something lacking or not updating in the Business edition? We manage a number of them and the GeoIP database is from 2024-11-22T18:41:22. On my personal FW, it is 2025-02-07T11:43:20.
#3
24.7, 24.10 Series / Re: Better 2FA Login
January 23, 2025, 10:28:06 PM
PR created ... Hope this finally gets some traction.

https://github.com/opnsense/core/pull/8241
#4
24.7, 24.10 Series / Better 2FA Login
January 23, 2025, 05:46:35 PM
Hey all,

I submitted the following Issue/Feature request. If you would also find this helpful and a better solution than what we have, please respond and let the Devs know you are interested :)

https://github.com/opnsense/core/issues/8239

The current setup of 2FA is a bit janky... Does it work? Sure, but prepending/appending is a hassle when using a password manager.

#5
24.7, 24.10 Series / Re: Net-SNMP running as snmpd user
September 06, 2024, 07:01:33 PM
Seems you can set the following in /usr/local/etc/rc.d/snmpd to have it run as root.
Just curious why Business vs Community causes this break.

```
snmpd_sugid="NO"
```

#6
24.7, 24.10 Series / Net-SNMP running as snmpd user
September 06, 2024, 03:26:40 PM
We have a number of Business editions rolled out and are noticing that we can't query services.

When running with the following, we only get back the snmpd service:

```
snmpd  47456   0.0  0.2   38816 26476  -  S    08:01       0:00.01 /usr/local/sbin/snmpd -p /var/run/net_snmpd.pid -u snmpd -g snmpd

zabbix:~$ snmpwalk -v2c -cExample foo.bar.com .1.3.6.1.2.1.25.4.2.1.2
iso.3.6.1.2.1.25.4.2.1.2.47456 = STRING: "snmpd"
```

If I kill the process and start as root, we get the full list.

```
root   93943   0.0  0.2   38816 26296  -  S    08:02       0:00.01 /usr/local/sbin/snmpd -p /var/run/net_snmpd.pid

zabbix:~$ snmpwalk -v2c -cExample foo.bar.com .1.3.6.1.2.1.25.4.2.1.2
iso.3.6.1.2.1.25.4.2.1.2.20 = STRING: "lighttpd"
iso.3.6.1.2.1.25.4.2.1.2.315 = STRING: "python3.11"
iso.3.6.1.2.1.25.4.2.1.2.317 = STRING: "python3.11"
iso.3.6.1.2.1.25.4.2.1.2.563 = STRING: "devd"
iso.3.6.1.2.1.25.4.2.1.2.8724 = STRING: "ntpd"
iso.3.6.1.2.1.25.4.2.1.2.12072 = STRING: "dpinger"
iso.3.6.1.2.1.25.4.2.1.2.12829 = STRING: "daemon"
iso.3.6.1.2.1.25.4.2.1.2.13264 = STRING: "php"
iso.3.6.1.2.1.25.4.2.1.2.13324 = STRING: "syslog-ng"
iso.3.6.1.2.1.25.4.2.1.2.13761 = STRING: "syslog-ng"
iso.3.6.1.2.1.25.4.2.1.2.21025 = STRING: "csh"
iso.3.6.1.2.1.25.4.2.1.2.25394 = STRING: "daemon"
```

I don't see this issue with the non-Business edition. It always seems to start as root and not the snmpd user.
#7
Seeing the same thing on Business 24.4.

We have 2 relays, 1 for VLAN 10 and 1 for VLAN 50. VLAN 50 continues to work, VLAN 10 drops randomly.
A quick disable/enable fixes it until it fails again.
#8
Is there any way to sync only certain aliases?

For most of our clients, this works great. However, we have a couple of clients that have additional aliases for cameras and the like.
With those clients, it does sync our global alias for access, but Provisioning always shows it is out of sync.

Would be great if we could select which aliases we want to be part of the sync.

Thanks,
Mike
#9
24.1, 24.4 Legacy Series / Re: DHCP relay issues
May 07, 2024, 03:14:27 PM
Having a similar issue with Business 24.4 release.

We have 3 VLANs (default, vlan10 and vlan50).

We started seeing 169.254 IPs on vlan10, but vlan50 was fine. My first thought was DHCP guarding on Unifi, as we have had this blow up in the past in some environments.

Further investigations via `sudo nmap -e vlan10 --script broadcast-dhcp-discover` and `sudo nmap -e vlan50 --script broadcast-dhcp-discover` showed we were getting no response on vlan10.

I stopped/started the relay on vlan10 and things started working again.