Messages

passeri:

It is, and I plan on implementing SSH shortly.  I'm just trying to get all recovery options clear in my mind, along with the consequences/side effects of each.  One might have to recover via the method I asked about if, e.g., there were issues with both web access and SSH access, unlikely though that might be. ;-)

So, to verify, not only did this procedure (1) reset the root password, (2) allow you to change the authentication method back to Local Database, but also (3) reenable the previously disabled root user account?  I have been wondering about #3.

I ran across Franco's 2018 explanation as to question 1 (https://forum.opnsense.org/index.php?topic=9690.0).  Console option 3 will not only allow you to reset the password, but also asks "Do you want to set it back to Local Database [y/n]".  Perfect.

Thanks for the response, viragomann.

I was testing forcing system DNS queries down a pair of Wireguard tunnels, and was hoping to be able to specify the VPN gateway group vice the two VPN gateways.  However, I tested the failover with the 2 gateways individually listed, and DNS failed over fine from one to the other.

I'm still mulling whether to use WAN or VPN gateways for DNS resolution; I may go back to just letting the routing table decide (so generally WAN).

Thanks for the help!

Newbie here, running 25.7.3_7.  I note that under System → Settings → General, one can specify any existing gateway for a DNS server.  However, one cannot specify a gateway group.  Is this omission by design?  Thanks.

Couple of newbie questions: (1) Assuming one has created additional admin users and disabled root, will the console password recovery process (option 3: reset root user password) still work?  In other words, will the console password recovery process not only allow one to reset the root user password but also reenable a disabled root user account?  (2) Where does one look to verify whether a particular installation used ZFS or UFS filesystem?  I could have sworn it used to be displayed on the Lobby Dashboard . . .

Thanks

I have now run into this issue as well.  I am a total OPNsense noob ... though I have a year of pfsense under my belt.  I followed the documentation very carefully to configure Unbound and Dnsmasq to work together.  I followed the example configuration steps in "DHCP4 with DNS Registration".  "DHCP register firewall rules" has been checked since the beginning. After I was done, I noted that the Dnsmasq service failed to start.  Logs pointed me to the issue.  I disabled the ISC DHCP4 service and manually restarted the Dnsmasq Service.  So far, so good.  Then I noticed no rules had been created with respect to DNS on any of my interfaces.  Based on this thread, I verified that the Dnsmasq General Tab listed all the interfaces (physical and VLAN) I had created (except WAN) in the "Interface" field, and under Advanced Mode the "Interface [no dhcp]" field says "Nothing selected". I did a System - Diagnostics - Packet Filter - Restart and when this changed nothing, I did a Power - Reboot.  Can anyone offer any suggestions for things to check?  Thanks.

POSTSCRIPT:  Never mind.  Noob GUI interface ignorance.  I didn't realize all the autogenerated rules are collapsed into their own folder.  The 3 "allow access to DHCP server" rules are on each interface.