Messages

When I create a new template in Firewall > Log Files > Live View, for example to view logs from a particular interface, I often find that when I switch to the new template I get no records.  But if I manually enter the same criteria I get plenty of records.

Also, when I recently created a template that had an interface criteria and an address criteria, when I select that template the presented criteria shows something like "iface is lan" and "address is lan" (rather than something like "iface is lan" and "address is 192.168.1.1).  Uh, that's not even possible. And I get no records. Any idea what's up? Thanks.

Looks like I should have posted this in the 25.7 forum. I'll move it there.

I should have mentioned that this is for Firewall Logs in Liveview.

When I create a new template, for example to view logs from a particular interface, I often find that if I switch to the new template that I get no records.  But if I manually enter the same criteria I get plenty of records.

Also, when I recently created a template that had an interface criterion and an address criterion, when I select that template the presented criteria shows something like "iface is lan" and "address is lan".  Uh, that's not even possible. And I get no records. Any idea what's up?

Success!  Yeah, clearly you have to have different instances on different ports, and in retrospect that makes perfect sense.  Thanks for your help.

So, do you know if I set up another ProtonVPN tunnel I can just change the port, or am I constrained by the port Proton indicates?

meyergru, that's a reasonable guess. They only thing in common with the two instances and peers is the port, 51820. But I don't see why the use of that standard port would affect the ability to add a static route on interface wg2. I guess it's possible that the error regarding adding a static route on interface wg2 is a red herring, but I don't see any other errors.

I would love to test different things, but I don't even know where to start testing.

Hello,

Some time ago I successfully set up the WireGuard Road Warrior Setup (https://docs.opnsense.org/manual/how-tos/wireguard-client.html).
Now recently I configured a wireguard connection to ProtonVPN from my gateway using
this:
WireGuard ProtonVPN Road Warrior Setup (https://docs.opnsense.org/manual/how-tos/wireguard-client-proton.html)
and this:
WireGuard Selective Routing to External VPN Endpoint (https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html)

Initially I could not get the ProtonVPN connection to work, but learned that when I disable the Road Warrior instance the ProtonVPN connection works.

With the Road Warrior instance on, and I turned on the ProtonVPN instance, I get this error:
/usr/local/opnsense/scripts/wireguard/wg-service-control.php: The command '/sbin/route -q -n add '-4' '10.2.0.1' -iface 'wg2'' returned exit code '1', the output was ''

My conclusion is basically that wireguard's attempt at adding a new route to interface wg2 failed.  I have no idea how to fix this. 

Does anyone understand why there is a conflict between the Road Warrior setup and the ProtonVPN setup?

Thanks

This was not an OPNsense issue. The ISP had to release the DHCP lease.

Thank you.

I figured as much, so it's good to have confirmation.

I used to manage pfSense firewalls at my former job, but decided to try OPNsense for my home gateway. I received a Protectli with OPNsense 24.7 installed. I did some minor configuration to establish a couple of wifi networks and familiarize myself with the interface. I like it, but I cannot get the traffic to route from LAN to WAN. Should I expect that it would just work out of the box if WAN gets an IP from my ISP?

I know this seems very basic, but I cannot figure out how to get traffic to exit the WAN. Any help would be greatly appreciated.