Messages

Too Soon to rejoice!
OS updated fine but Clamav and Zenarmor doesn't seem to be able to update.

Here is a log message I got from Clamav after update failed

Clamd was NOT notified: Can't connect to clamd through /var/run/clamav/clamd.sock: Connection refused

Larry

Success I believe,

So after much surfing internet I went in and created a gateway entry for the admin interface. Now updating seems to work so far. I've been able to upgrade OS to  24.7..1. Next is to see if I can upgrade Zenarmor and ClamAV.



More to come

LArry

Observation
Looks like OPNsense cannot reach internet. From the console shell I cannot ping any outside address i.e 8.8.4.4 DNS server. Using the GUI to do a ping it also fails. OPNsense is in transparent bridge mode  so I think there is a configuration issue. Computers on the lan network behind the OPNsense work.

Larry

I tried to check for updates and got error cannot update repositories

Any Ideas?

Thanks in advance
LArry

https://pkg.opnsense.org/FreeBSD:13:amd64/24.1/sets/changelog.txz: Host does not resolve
Updating OPNsense repository catalogue...
pkg: https://mirrors.dotsrc.org/opnsense/FreeBSD:13:amd64/24.1/latest/meta.txz: No address record
repository OPNsense has no meta file, using default settings
pkg: https://mirrors.dotsrc.org/opnsense/FreeBSD:13:amd64/24.1/latest/packagesite.pkg: No address record
pkg: https://mirrors.dotsrc.org/opnsense/FreeBSD:13:amd64/24.1/latest/packagesite.txz: No address record
Unable to update repository OPNsense
Updating SunnyValley repository catalogue...
pkg: https://updates.zenarmor.com/opnsense/FreeBSD:13:amd64/24.1/${SUBSCRIPTION}/meta.txz: No address record
repository SunnyValley has no meta file, using default settings
pkg: https://updates.zenarmor.com/opnsense/FreeBSD:13:amd64/24.1/${SUBSCRIPTION}/packagesite.pkg: No address record
pkg: https://updates.zenarmor.com/opnsense/FreeBSD:13:amd64/24.1/${SUBSCRIPTION}/packagesite.txz: No address record
Unable to update repository SunnyValley
Error updating repositories!

Thanks Got it working

Larry

Thanks Patrick,
that got me to the web Gui.
If I reinstate the firewall rules I get dumped until I run the command to stop the firewall.
What are the best ways to enable firewall rules in transparent bridge mode?

Trying to access OPNsense web GUI. in transparent bridge mode. Connections are as follows.
WAN connection from Modem to WAN connection on OPNSense 1x1.  the  LAN connection 1x0 on OPNSense to the WAN in on the router. LAN out from router to a switch. My computer connected to the switch.  Access to internet works at this point indicating bridge is working.
I connected third  NIC  on OPNSense 1x2  to the switch and configured the connection in OPNsense via serial CLI to be configured via DHCP.
OPNSense got an address of 192.168.1.168 from the router. My computer has an address of 192.168.1.166.  Ping to internet is successful. Ping to 1x2 address 192.168.1.168 failed and I cannot access web GUI.

So what am I doing wrong or is there another configuration I should try.

Thanks

LArry

Another question. I've rearranged the OPNsense to be between my modem and my router. Since it is supposed to be transparent now  it works. I can reach internet fine. The same problem how do I access the web GUI ? My goal is to not have to use opnsense as a router but to be in the middle and to setup  for  AV and ADD protection. Since the OPNsense has no IP address how can it receive updates. It has only 2 working NICs so configuring another NIC for management is not an option.  Am I up the creek and have to go back to a OPNsense router configuration?

any Ideas


Larry

I've setup the OPNsense as a transparent bridge.  It seems to be working but I cannot access the OPNsense GUI.
Instructions said to remove the IP addressees of the wan and lan.  Did that. I see on the console the bridge has an address of 192.168.1.180 which I believe it got from the router.  I cannot ping that address nor can I access the GUI.  Any ideas of where to look? since I cannot access the GUI I will need to make changes via the CLI

Another update
I went and tried another web browser . I was using Firefox. I logged in to the OPNsense with  Edge. It came to life
I don,t remember seeing anything about browsers. It looks like Firefox was the problem all along. For those installing OPNsense for the first time if you experience similar issues try another Browser.

Thanks to the group for indulging me. I will be back with more questions once I drive this some more.

Regards
Larry

Update on problem
another 24 hours and the wheel is still spinning.
I noticed in settings the parameters
Select an alternate firmware mirror.
select the release type.
had no entries. .  What should these be set at? and could that be an issue causing no updates or status info?

Thanks for any insight

Larry

after another 24 Hrs wheel still still spinning. Also some of the tabs reveal no info
no info under system  firmware status ,plugins, or Packages.
If I look at services isc IPv4 leases no leases shown even though my computer is  on the lan and  has an IP address from the DHCP server

Looks like a lot is not working.  I did a reinstall just before this post started because I saw similar conditions on my initial install.  where to look next? 
Larry

That's the heart of the problem I think. it never stops . It has been doing it for over 24 hours

HMMM  under firmware window that is not an option
Status has a revolving circle.
Here are my selections under firmware status

Type       
Version       
Architecture       
Commit       
Mirror       
Repositories       
Updated on       
Checked on

Larry

Just joined group after having problems with OPNSense install. Here is basic info on system. I am trying to install on an APPNetta M50 unit. initial install seemed OK.
here is some info

Versions    OPNsense 24.1.10_3-amd64
FreeBSD 13.2-RELEASE-p9
OpenSSL 3.0.14
Updates    Click to check for updates.
CPU type    Intel(R) Atom(TM) CPU C3558 @ 2.20GHz (4 cores, 4 threads)

First problem was unit will not update from GUI seems to just stall with wheel going around .
from command line using SSH i did a command ( pkg update && pkg upgrade).  that seemed to do an update on OS and opnsense.

I tried to install a plug in but no plugins show even if I search .
second issue is is it looks like the NIC is not running Gig e even though my computer on the lan port is gig e  I get terrible speed from the internet. It is Comcast with a a download speed on average of 600 MBS but connected to OPNsense unit I get 40 MBS if lucky.
Running the ifconfig  as follows I get this response

root@OPNsense:~ # ifconfig
ix0: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        description: LAN (lan)
        options=4803828<VLAN_MTU,JUMBO_MTU,WOL_UCAST,WOL_MCAST,WOL_MAGIC,NOMAP>
        ether 00:07:32:52:af:57
        inet6 fe80::207:32ff:fe52:af57%ix0 prefixlen 64 scopeid 0x1
        inet6 2601:145:8000:d7:207:32ff:fe52:af57 prefixlen 64
        inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
ix1: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        description: WAN (wan)
        options=4803828<VLAN_MTU,JUMBO_MTU,WOL_UCAST,WOL_MCAST,WOL_MAGIC,NOMAP>
        ether 00:07:32:52:af:58
        inet6 fe80::207:32ff:fe52:af58%ix1 prefixlen 64 scopeid 0x2
        inet6 2001:558:6020:1b9:8926:fe93:9d53:beb8 prefixlen 128
        inet 73.128.241.149 netmask 0xfffffc00 broadcast 255.255.255.255
        media: Ethernet autoselect (1000baseT <full-duplex,rxpause,txpause>)
        status: active
        nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
ix2: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        description: WiFi (opt1)
        options=4803828<VLAN_MTU,JUMBO_MTU,WOL_UCAST,WOL_MCAST,WOL_MAGIC,NOMAP>
        ether 00:07:32:52:af:59
        inet6 fe80::207:32ff:fe52:af59%ix2 prefixlen 64 scopeid 0x3
        media: Ethernet autoselect
        status: no carrier
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
ix3: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=4803828<VLAN_MTU,JUMBO_MTU,WOL_UCAST,WOL_MCAST,WOL_MAGIC,NOMAP>
        ether 00:07:32:52:af:5a
        inet6 fe80::207:32ff:fe52:af5a%ix3 prefixlen 64 scopeid 0x4
        media: Ethernet autoselect
        status: no carrier
        nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
        inet 127.0.0.1 netmask 0xff000000
        groups: lo
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
enc0: flags=0<> metric 0 mtu 1536
        groups: enc
        nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
pfsync0: flags=0<> metric 0 mtu 1500
        syncpeer: 0.0.0.0 maxupd: 128 defer: off
        syncok: 1
        groups: pfsync
pflog0: flags=20100<PROMISC,PPROMISC> metric 0 mtu 33160
        groups: pflog
root@OPNsense:~

The Basic configuration seems to work I can route out to internet. I want to add Zenarmor plug in to start but can't even find the plugin to install in OPNsense.

I also would like to enable the other 2  NICs for additional networks down the line


I will confess I am not that well versed in Free BSD or OPNSense and need some hand holding

I am reaching out for some assistance getting this to work.

Thanks for any help

Regards
LArry