Messages

i use PIA client in openvpn.  After upgrading yesterday to 25.7.11, my connection status says "resolve".

The log files say

WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info
NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

Google say add "remote-cert-tls server" to the configuration file.  The options on the client settings no longer contain the remote-cert-tls server  option to select it.

I tried to edit the .conf file directly on the console, but my changes are removed when i restart the service?

it was working fine in 25.7.10...?

Does anyone use the PIA VPN client and does it work for you in 25.7.11?

i use PIA client in openvpn.  After upgrading today to 25.7.11, my connection status says "resolve".

The log files say

WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info
NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

Google say add "remote-cert-tls server" to the configuration file.  The options on the client settings no longer contain the remote-cert-tls server  option to select it.

I tried to edit the .conf file directly on the console, but my changes are removed when i restart the service?

it was working fine in 25.7.10...?

I run both Adguard and Zenarmor on my firewall. I used the Sunnyvale repository for Zenarmor and installed using the remote Elasticsearch database as the install instructed. I am running both Adguard and Zenarmor on my firewall. Are you suggesting a different repository/install from what I have currently?

I restarted the firewall to generate the error again.  The elasticsearch service failed to start...and as before, I click on SAVE for the elasticsearch service and it starts with no issues.

I grabbed text from both sides of the error to include the manual start of the service.

2025-09-10T11:06:25-08:00    Informational    configd.py    message 038dad05-ca24-4c00-8e6c-21593a4db120 ['os-elasticsearch7-maxit'] returned OK
2025-09-10T11:06:25-08:00    Notice    configd.py    [038dad05-ca24-4c00-8e6c-21593a4db120] Installing firmware package os-elasticsearch7-maxit
2025-09-10T11:05:33-08:00    Notice    configd.py    [a95f98ef-239d-42e1-81cd-5d5124d3021b] Querying os-elasticsearch7-maxit package details
2025-09-10T11:03:04-08:00    Informational    configd.py    message 0aeb38b6-b85b-4c91-8083-484f20ad0bba ['os-elasticsearch7-maxit'] returned OK
2025-09-10T11:03:04-08:00    Notice    configd.py    [0aeb38b6-b85b-4c91-8083-484f20ad0bba] Remove firmware package os-elasticsearch7-maxit
2025-09-10T11:01:56-08:00    Debug    configd.py      OPNsense/Elasticsearch generated //etc/rc.conf.d/elasticsearch
2025-09-10T11:01:56-08:00    Notice    configd.py    generate template container OPNsense/Elasticsearch
2025-09-10T11:01:56-08:00    Notice    configd.py    [73328207-bb86-4856-82b9-16fdedd79a59] generate template OPNsense/Elasticsearch
2025-09-10T11:01:56-08:00    Notice    configd.py    [9ca3f9be-4413-4126-9608-a8169f7c7ee2] stopping Elasticsearch
2025-09-10T11:01:51-08:00    Notice    configd.py    [469ecf3e-46f0-4689-bf19-6b98031e0352] request Elasticsearch status
2025-09-10T11:01:16-08:00    Notice    configd.py    [d2a0f271-2ac5-461d-9491-04156c8839e0] request Elasticsearch status
2025-09-10T11:00:49-08:00    Debug    configd.py      OPNsense/Zenarmor generated //etc/rc.conf.d/elasticsearch
2025-09-10T11:00:49-08:00    Debug    configd.py      OPNsense/Zenarmor generated //etc/rc.conf.d/elasticsearch
2025-09-10T11:00:49-08:00    Debug    configd.py      OPNsense/Zenarmor generated //etc/rc.conf.d/elasticsearch
2025-09-10T11:00:48-08:00    Debug    configd.py      OPNsense/Zenarmor generated //etc/rc.conf.d/elasticsearch
2025-09-10T11:00:48-08:00    Debug    configd.py      OPNsense/Zenarmor generated //etc/rc.conf.d/elasticsearch
2025-09-10T11:00:48-08:00    Error    configd.py    [e03fa892-b455-4ecf-8ae9-ba7d6de572f4] Script action failed with Command '/usr/local/zenarmor/scripts/installers/elasticsearch/create_indices.py '' ''' returned non-zero exit status 5. at Traceback (most recent call last):  File "/usr/local/opnsense/service/modules/actions/script_output.py", line 78, in execute    subprocess.run(script_command, env=self.config_environment, shell=True,  File "/usr/local/lib/python3.11/subprocess.py", line 571, in run    raise CalledProcessError(retcode, process.args, subprocess.CalledProcessError: Command '/usr/local/zenarmor/scripts/installers/elasticsearch/create_indices.py '' ''' returned non-zero exit status 5.
2025-09-10T11:00:48-08:00    Debug    configd.py      OPNsense/Zenarmor generated //etc/rc.conf.d/elasticsearch
2025-09-10T11:00:48-08:00    Debug    configd.py      OPNsense/Zenarmor generated //etc/rc.conf.d/elasticsearch
2025-09-10T11:00:47-08:00    Debug    configd.py      OPNsense/Zenarmor generated //etc/rc.conf.d/elasticsearch
2025-09-10T11:00:47-08:00    Debug    configd.py      OPNsense/Zenarmor generated //etc/rc.conf.d/elasticsearch
2025-09-10T11:00:28-08:00    Debug    configd.py      OPNsense/Zenarmor generated //etc/rc.conf.d/elasticsearch
2025-09-10T11:00:26-08:00    Debug    configd.py      OPNsense/Zenarmor generated //etc/rc.conf.d/elasticsearch
2025-09-10T11:00:25-08:00    Debug    configd.py      OPNsense/Zenarmor generated //etc/rc.conf.d/elasticsearch
2025-09-10T11:00:00-08:00    Notice    configd.py    [24c03cea-085a-4335-af13-c91130b61710] checked remote elasticsearch
2025-09-10T10:56:45-08:00    Notice    configd.py    [f874d17d-f0d4-4142-970f-2870dafac254] request Elasticsearch status
2025-09-10T10:55:00-08:00    Notice    configd.py    [82e79511-44fd-46d3-9df5-9832832c8b09] checked remote elasticsearch
2025-09-10T10:50:00-08:00    Notice    configd.py    [fb95610c-b5ab-4542-8e20-17007ea874c9] checked remote elasticsearch
2025-09-

This was originally posted under OPNsense 25.7...but looks like I should have posted it here instead :-)

After upgrading to OPNsense 25.7, the Elasticsearch service does NOT restart after a firewall reboot.  I can fix it and get it to start by going to services>Elasticsearch>General and click on the SAVE button. The enabled box is already checked, and the service fails to start until I clink on SAVE.   Once I click SAVE, the service starts up and Zenarmor works great.

I am using the remote Elasticsearch DB with the os-elasticsearch7-maxit plugin from the mimugmail repo.  I have uninstalled / reinstalled the DB and have the same result, the Elasticsearc service does not start and trying to manually start the service fails until I click the SAVE button.

I'v read that clicking the SAVE button rewrites the config file, allowing the service to start...but my guess is the file is NOT being saved?

After upgrading to 25.7, the Elasticsearch service does NOT restart after a firewall reboot.  I can fix it and get it to start by going to services>Elasticsearch>General and click on the SAVE button. The enabled box is already checked, and the service fails to start until I clink on SAVE.   Once I click SAVE, the service starts up and ZenArmor works great. 

I am using the remote Elasticsearch DB with the os-elasticsearch7-maxit plugin from the mimugmail repo.  I have uninstalled / reinstalled the DB and have the same result (NO auto start of the Elasticsearch service) on reboot.