Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - clash

#1
Hi,

The machine is running via EFI und has a Intel(R) Xeon(R) E-2336. The motherboard is a
X12STL-IF (derived from dmidecode -t baseboard)

I will try to setup a downtime this weekend and make a screenshot via the impi console.
#2
Hi,

I recently updated a firewall of one of my customers to OPNsense 26.4.1-amd64. After the reboot the System did not
come back. I took a look via IPMI and saw the kernel starts booting but stuck after 2 seconds.

I could successfully change to old kernel.

How many Kernels can I preserve, so that the the next update will not remove the actual working kernel.

Is this a known issue?

#3
I understand that we can create a network group holding all vlan networks to prohibit inter vlan routing when internet access is to be defined. but thats fiddly.
I want to be precise and substainable and so the prefix himself is the best.

Nevertheless Iam okay with the network group of interfaces.
Thanks.
#4
Hi,

I have a opnsense behind a fritzbox which sucessfully delegates a /60 prefix to it.
The problem begins with if i try to create a firewall alias for that prefix.

For the lan adress Ive create a dynamic ipv6 host with a content like  ::cafe:cafe:cafe:cafe 
Now the alias contains the complete address and will be refreshed hopefully if the prefix changes.

What I need further is the prefix address without the /64 host-id. I would write this
like  ::cafe:cafe:cafe:cafe/60 

The result should be the prefix without host-id and the given netmask.

Now the standard firewall internet access rule could be expressed with
  - src=<network> dst= not <prefix>

Is there a chance to get this implemented?