Messages

meyergru,

Thanks for the message.  I checked and it looks like I was putting the wrong entry in the SSH Private Key section on the OPNsense SFTP backup section.  Grabbed the Private key from /root/.ssh and inserted it into the SFTP backup section and boom, connected and transferred the config like a champ.

Thanks for the assist.

I don't believe the issue is related to the hostname—as mine is all lowercase, so that shouldn't be a factor. If memory serves, this may be a permissions issue, though I'm not entirely certain.

Here's what I've verified: I generated the SSH key on OPNsense and uploaded it to the SFTP server. From the OPNsense command line, I'm able to successfully initiate an SFTP connection to the server, which confirms that the SFTP configuration itself is sound.

However, when I attempt to save these settings through the UI, I receive the following error:

Load key "/conf/backup/sftp/identity": error in libcrypto opnsensesftp@sftp.taznet.home: Permission denied (publickey,password)

Thanks again for your help!

Bump

I am getting this error when trying to save the backup configuration

Load key "/conf/backup/sftp/identity": error in libcrypto opnsensesftp@sftp.taznet.home: Permission denied (publickey,password)

Saved settings, but remote backup returned no files.

SFTP connects and works just fine from the Shell.

I remember this being a problem back in the early part of the year but I cant find any posts about it.

Any idea's?

Thanks

That's not really a reasonable option.  It may work on Windows but that doesn't work on any IoT devices like IP Camera's or Smart Bulbs.

Any other opinions?

Thanks

Hello Everyone,

I have been looking at migrating to Kea from ISC.  I have played with it a bit in my lab but have one last question to answer before I make the move.

Is there a way to remove a dynamically assigned DHCP address from the Lease database like in ISC?  If the answer is no is there any place to find out if this feature is going to be added in a future update or request that this feature be considered?

Thanks for your consideration.

I was able to figure it out.  If anyone experiences this issue later on the solution is to go to your alert setting under the monit settings section and add "From: sender@example.com" to the mail format option.

Cheers

I already have that setup and verified it to be working.  Here is the output from the Monit Log.

Mail: Mailserver response error -- 554 5.2.252 SendAsDenied; name@outlook.com not allowed to send as monit@routername.doman; STOREDRV.Submission.Exception:SendAsDeniedException.MapiExceptionSendAsDenied; Failed to process message due to a permanent exception with message [

Meaning that the From Address can not be from monit@routername.doman, it has to be from name@outlook.com.  How do I change the From Address to name@outlook.com

Trying to setup Monit to work with sending an email to Outlook.com.  Have everything working but I am getting an error because Outlook does not allow the sending email to be something different then the email address of the account that I am using.  As of right now Monit is saying that the sender's email is coming from monit@routername.domain.  I need to get this changed to address@outlook.com.  Does anyone know if this is possible.  I looked in the configuration but could not find any setting like this.

Thanks

I am having this same issue.  I have a multi-WAN setup.  When my primary WAN goes down I have to reset the WAN1 Gateway Monitor for OPNsense to see the gateway as backup.  I am not using PPPoE.  interface is setup to pull an IPv4 address from my ISP, Cox.  Using a Neatgear CM1000 cable modem.  Gateway switching works just doesn't switch back until I reset the gateway monitor service.

Dual-WAN is setup using the OPNsense guide https://docs.opnsense.org/manual/how-tos/multiwan.html

I have been reviewing how to create and assign certificates and I think I have it pretty much figured out except for one thing.  How do you find out what certificates are assigned to a CA?  I currently only have 2 certificates created, 1 for my captive portal and one for my OPNsense WEB GUI.  I see these two certificates assigned to the CA I want to us moving forward in the Authorities section but my old CA that I would like to delete still shows a "usages' of 1.  I am trying to figure out where that is coming from before I just delete it.  Your assistance is appreciated.

https://github.com/opnsense/core/issues/7753

Tickets on GitHub are always nice.

Thanks Franco.  I'll keep my eye on that ticket as well.  I have decided to just disable it for now until a fix is found and track my packet lost status via Smokeping.

I am having the same issue.  I was told to reset the RRD data in Report > Settings but that did not work for me. You can try it.  I already posted about this issue.  Here is the link to that original post. 

https://forum.opnsense.org/index.php?topic=42060.0

Please let us know your result.  FYI, I am using a Protectli FW6D.  Just purchased it.  Interested to hear your results.

I performed some additional troubleshooting with no success.  Here is what I tried.

Under Reporting > Settings
1.) Uncheck "Enables the RRD graphing backend."
2.) Click Save
3.) Click Reset RRD Data and accept.
4.) Check "Enables the RRD graphing backend."

For the first 10 minutes I see data and then a gap for 36 minutes.  Then it's fine for 50 minutes and now I have not seen any data for 10 minutes.

I am running on a brand new Protectli Vault Firewall Appliance.

I am out of idea's.  If anyone can assist I would greatly appreciate it.

Nope.....all my data is there over the last 3 hours since I reset RRD.

No gaps

Well like I said for it to be happening on two different pieces of hardware that have fresh installs of 24.7.1 as well as one of my friends I don't see how this can be a configuration or hardware issue.  By fresh I mean that I installed 24.7_5 fresh and upgraded to 24.7.1 before uploading my configuration.  My test system is just running bare bones with one WAN and one LAN port. 

After resetting for a third time, the graphic has not updated since 14:39.  It is now 15:09.

This was working with no issues on 24.1.10_8.  Only happened when I upgraded to 24.7.  Has to be a bug.

Please advise.