Messages

Dear Folks,

in the past it works, now it doesn't any more:
login to console via ssh.
When I try to login, the message appears:

Code Select Expand

"----------------------------------------------
|      Hello, this is OPNsense 17.7          |         @@@@@@@@@@@@@@@
|                                            |        @@@@         @@@@
| Website: https://opnsense.org/        |         @@@\\\   ///@@@
| Handbook: https://docs.opnsense.org/   |       ))))))))   ((((((((
| Forums: https://forum.opnsense.org/  |         @@@///   \\\@@@
| Lists: https://lists.opnsense.org/  |        @@@@         @@@@
| Code: https://github.com/opnsense  |         @@@@@@@@@@@@@@@
----------------------------------------------

This account is currently not available.".

In System/Settings/Administration there is in deed ssh access enabled with password login.

Any ideas how to solve this?

Cheers,
Andy

Bingo that was it!
Issue solved  ;D

Thanks fabian! 8)

Since it was working in the past and I didn't change anything of th fw rules, I suspect it's the latter one. How can I unblock ssh login after too many failed attempts?

thanks.
activated root login permission, but no change. #its still impossible to get a connection via ssh neither as root nor via other user login.
Ssh times out as the server doesn't respond apparently.

password yes
root no

Hi folks,

this might be a stupid question:
I have tried too many times to login via ssh apparently with a wrong password.
As a consequence ssh seems to block any login attempt now.
Does anybody know how I can unblock this ?

Code Select Expand

Received disconnect from 192.168.1.1 port 22:2: Too many authentication failures
Connection to defiant-nw closed by remote host.

Thanks in advance,
Andy

Avoiding VLAN for IPTV and using a managed switch feeding the IPTV stream separately to the opnsense box by a physical interface worked for me. Thiis workaround is now in place and seems to work stable.
Somehow IGMP Proxy doesn't cooperate with VLAN interfaces any more, but well with physical ones (se bug tracker).

Cheers and thanks a lot for your help,
Andy

Hi Franco,

I can imagine the preparations demand loads of energy and time  ;)

And thanks to still hanging on to this topic !

Unfortunately the patch didn't work :-(
Any other options?

Cheers,
Andy

I will wait for the 16.7, hopefully i'll work there again. Lets hope and see  :o

OK sent via PN.


Cheers,
Andy

No improvement unfortunately.
I have also compared the backup xml files from prior the upgrade and after. They are identical.
Maybe something under the hood changed? Kernel,... ?
Sorry my limited capabilities to help but I am not an expert.
Please let me know if you need any further information as input.

Cheers and have a nice evening,
Andy

Ok -- I will try if the downgrade helps. If not I will be back here soon :-)

Cheers,
Andy

Hi Franco,

thanks for your quick reaction!
It was just the version below when it was still working, thus 16.1.17.

Is there any way to downgrade to specifically 16.1.17 for the time being?
Otherwise I would assume I have to install the last image and avoid any updates, but this of course is not the preferred solution from security point of view.

Besides of this small flaw I have to say its really a great piece of software!

Cheers,
Andy

Hi Folks,

unfortunately I realized the igmp proxy fails to start after the update to 16.1.18.
With the previous version everything worked fine.

Now in the log the error message is:
igmpproxy[86381]: There must be at least 2 Vif's where one is upstream.

Thats very annoying - especially since I didn't change anything.

Any help would be very welcome!

Thanks a lot in advance
Andy

Dear experts,

I have a opnsense box as follows:
WAN: iptv/internet separated by vlans (via FTH)
LAN: local lan, including one IPTV receiver
WIFI: guest wifi, separate subnet from LAN. Wifi card is built into pfsense box

Everything is running well, except:
When the IPTV receiver is on and receives broadcast (via multicast and IGMP proxy in opnsense), then it seems that all multicasts are also sent to the wifi interface and not only to the LAN.
This obviously floods my guest wifi with useless data, as there is no IPTV receiver in the wifi.

I have no clue why the multicasts are also directed to the wifi and not only to the LAN, because in the IGMP proxy there is only entered the LAN subnet.

Has anybody an idea how I can block the multicast packets from entering the wifi interface?

Thanks for your help in advance,
andy