Messages

I guess it was repo issue then as today i got an alert on dashboard to do unfished updates.

Clickeed go and it connected (much faster than yesterday) I even saw in the Updates tab it did a cache clear which i've never seen it do.

Long and short ugrade completed so this can be closed off as clearly a blip.

Just chiming in to say I'm getting intermittent packet loss on the ipv6 connectivity audit. I've done 3 audit checks. The first dropped all packets. the second dropped one packet and the third didn't drop any. I had no issues updating and I don't have any ipv6 issues outside of this audit.

Yeah i still have internet so wife can watch netflix happily i just don't like things broken or half-ars£d lol and this telling my it installed but it still needs to install it is broken.

I appreciate that and I hope you get it fixed asap but i was referring to Franco's response about the ipv6 being broken and maybe the cause? Maybe I misunderstood.
Apologies,  i should have quote replied

No apology required :)

I just got into a reply roll, I think i've used the audit fuction a handfull of times but never the connection one so your experiance is better than mine

Just chiming in to say I'm getting intermittent packet loss on the ipv6 connectivity audit. I've done 3 audit checks. The first dropped all packets. the second dropped one packet and the third didn't drop any. I had no issues updating and I don't have any ipv6 issues outside of this audit.

Yeah i still have internet so wife can watch netflix happily i just don't like things broken or half-ars£d lol and this telling my it installed but it still needs to install it is broken.

It's just your IPv6 connectivity that's busted. Try System: Settings: General: check "Prefer IPv4" option.

I've checked the Prefer IPv4 option and it's already set unfortunatly.

Did a test and only pkg.opnsense.org that doesn't want to play.

PS C:\Users\Foz> ping pkg.opnsense.org

Pinging pkg.opnsense.org [2001:1af8:5300:a010:1::1] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 2001:1af8:5300:a010:1::1:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
PS C:\Users\Foz> ping bbc.co.uk

Pinging bbc.co.uk [2a04:4e42::81] with 32 bytes of data:
Reply from 2a04:4e42::81: time=11ms
Reply from 2a04:4e42::81: time=10ms
Reply from 2a04:4e42::81: time=9ms
Reply from 2a04:4e42::81: time=9ms

Ping statistics for 2a04:4e42::81:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 9ms, Maximum = 11ms, Average = 9ms
PS C:\Users\Foz>


Guess it's a rebuild as clearly a borked firmware

Can you do a connectivity audit from the firmware status page?

> truncated: 0/1332 bytes

This could happen due to long DNS timeouts for example.


Cheers,
Franco

Thanks for the reply, see below:-

***GOT REQUEST TO AUDIT CONNECTIVITY***
Currently running OPNsense 25.7.8 (amd64) at Thu Nov 27 16:57:54 UTC 2025
Checking connectivity for host: pkg.opnsense.org -> 89.149.222.99
PING 89.149.222.99 (89.149.222.99): 1500 data bytes
1508 bytes from 89.149.222.99: icmp_seq=0 ttl=58 time=14.044 ms
1508 bytes from 89.149.222.99: icmp_seq=1 ttl=58 time=13.911 ms
1508 bytes from 89.149.222.99: icmp_seq=2 ttl=58 time=14.437 ms
1508 bytes from 89.149.222.99: icmp_seq=3 ttl=58 time=14.341 ms

--- 89.149.222.99 ping statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 13.911/14.183/14.437/0.214 ms
Checking connectivity for repository (IPv4): https://pkg.opnsense.org/FreeBSD:14:amd64/25.7
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching data.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 911 packages processed.
Updating mimugmail repository catalogue...
Fetching meta.conf: . done
Fetching data.pkg: ..... done
Processing entries: .......... done
mimugmail repository update completed. 191 packages processed.
All repositories are up to date.
Checking connectivity for host: pkg.opnsense.org -> 2001:1af8:5300:a010:1::1
PING(1548=40+8+1500 bytes) 2a02:390:feed:6120:aab8:e0ff:fe02:835 --> 2001:1af8:5300:a010:1::1

--- 2001:1af8:5300:a010:1::1 ping statistics ---
4 packets transmitted, 0 packets received, 100.0% packet loss
Checking connectivity for repository (IPv6): https://pkg.opnsense.org/FreeBSD:14:amd64/25.7
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
pkg: An error occurred while fetching package: No error
pkg: An error occurred while fetching package: No error
pkg: An error occurred while fetching package: No error
pkg: An error occurred while fetching package: No error
Unable to update repository OPNsense
Updating mimugmail repository catalogue...
pkg: An error occurred while fetching package: No error
pkg: An error occurred while fetching package: No error
repository mimugmail has no meta file, using default settings
pkg: An error occurred while fetching package: No error
pkg: An error occurred while fetching package: No error
pkg: An error occurred while fetching package: No error
pkg: An error occurred while fetching package: No error
Unable to update repository mimugmail
Error updating repositories!
Checking server certificate for host: opn-repo.routerperformance.net
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = E7
verify return:1
depth=0 CN = opn-repo.routerperformance.net
verify return:1
DONE
Checking server certificate for host: pkg.opnsense.org
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root G2
verify return:1
depth=1 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = RapidSSL TLS RSA CA G1
verify return:1
depth=0 CN = pkg.opnsense.org
verify return:1
DONE
***DONE***

That looks as if 25.7.8 upgrade was done (potentially incomplete) and now you do not have internet access.

From what version did you start out? If it was < 25.7, see https://forum.opnsense.org/index.php?topic=48343.msg244891#msg244891

If that is your situation, you need to apply the fixes, preferably before the upgrade.

I want to say 25.7.5 so i'll lok at those fixes as luckily despit it being upset i still have internet (thank the lord as she is catching up on stranger things and i don't wish to stop that lol)


UPDATE

Yes 25.7.5 as under updates it still say to update despite dashboard saying all good.

Have you tried a different Mirror?  You can change it under System > Firmware > Setting.

Thank you for the reply, yes 3 or 4 of them

So this morning i decided to do a firmware check and saw 25.7.8 was available (i've been working away). Went through the process and i thought all was good, a little slower than normal but all good.

Now i tend to do 2 runs of firmware checks just because i can't help it, and it said it need to do 25.7.8 base again.

I've now run it 5-6 times and it keeps coming back with :-

***GOT REQUEST TO UPDATE***
Currently running OPNsense 25.7.8 (amd64) at Thu Nov 27 13:29:23 UTC 2025
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
Updating mimugmail repository catalogue...
Fetching meta.conf: . done
mimugmail repository is up to date.
All repositories are up to date.
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
Updating mimugmail repository catalogue...
Fetching meta.conf: . done
mimugmail repository is up to date.
All repositories are up to date.
Checking for upgrades (80 candidates): .......... done
Processing candidates (80 candidates): . done
Checking integrity... done (0 conflicting)
Your packages are up to date.
Checking integrity... done (0 conflicting)
Nothing to do.
Checking all packages: .......... done
Nothing to do.
Nothing to do.
Starting web GUI...done.
Fetching base-25.7.8-amd64.txz: ..............................[fetch: transfer timed out
fetch: /var/cache/opnsense-update/89570/base-25.7.8-amd64.txz.sig appears to be truncated: 0/1332 bytes] failed, no signature found
***DONE***

I've ssh'd in to clear cache and the run the kernal and base upgrades from there, still nothing. I've tried 3 or 4 different mirrors too. Any suggestions?

Hardware appliance (Intel N100 NUC) not a VM.

Firstly i'm running my OPNsense on a N100 NUC, 8GB Ram and with 2.5Gb NICs and running OPNsense 25.7.2-amd64.

I know this gets asked alot, i've read multiple postings and made all the changes but i now need to ask the community (i'm sorry).

I get that UPnP is frowned upon but in truth i have 2 options:-

1. Enable UPnP or put the original ISP router in as it just worked.
2. Demand the kids and wife tell me every-time they buy new games or get rid of games so i can edit port forwarding rules etc.

I do get it which why important stuff is VLAN'd off without UPnP.

So the issues I find are this, the nintendo switch gets NAT type D (wired and wireless) and the wife's PC keeps getting strict playing destiny 2 ect and nothing shows in the UPnP status for these devices. The devices playing games all have static mappings on the DHCP (i'm using DNSMasq on opnsense).

I have tried different ACLs and outbound NAT rules but nothing makes a difference, oddly the XBOX and PS5 in the house seem fine and on the wifes pc if she closes steam and does a release renew then reopened steam it works fine.

I attach below some screen shots of config as is now in the hopes someone will save what little hair i have left.

Worked it out that option is taken as a 'given' set my prefix and set RA to managed and it seems to have kicked in

So i have finally arrived after using PFsense for years!! I had issues with pfsense just refusing to use IPv4 (even specific IPv4 tests defaulted to IPv6!!) this caused a few website I use to stop working.

I have a FTTP package in the UK by IDNet (1Gbps symetric) i'm running it on a N100 with 8GB Ram and 4 x 2.5Gb I226-V NICs on a clean install of 25.1.7_2-amd64.

The connection is PPPoE for IPv4 and DHCPv6 on IPv6 but i'll be damned if i can get it working, i seem to be missing the "Use IPv4 connectivity" in the WAN config page.

I've set VLAN911 to the parent igc0 and then set that in the WAN assignment and igc1 to LAN but kinda lost in the interface, documentation says it should be there but it isn't.