Topics

1

20.7 Legacy Series / can't Login after update

« on: April 06, 2021, 08:56:50 pm »

hello
i have done the update to
OPNsense 20.7.8_4 (amd64/OpenSSL) ***
but after a long reboot, i can't login
not on the GUI not on the Terminal

how to hack it?

have a nice day
vinc

2

21.1 Legacy Series / error on update

« on: April 06, 2021, 08:53:10 pm »

hello
doing a update to the newest version i got in the Cosole some error

Stopping clamav_freshclam.
Waiting for PIDS: 75595.
>>> Invoking stop script 'backup'
>>> Invoking backup script 'captiveportal'
>>> Invoking backup script 'dhcpleases'
>>> Invoking backup script 'duid'
>>> Invoking backup script 'netflow'
[HBSD SEGVGUARD] [syslog-ng (81489)] Suspending execution for 600 seconds after 5 crashes.
 -> pid: 81489 ppid: 88751 p_pax: 0xa50<SEGVGUARD,ASLR,NOSHLIBRANDOM,NODISALLOWMAP32BIT>
[HBSD SEGVGUARD] [syslog-ng (88751)] Preventing execution due to repeated segfaults.
 -> pid: 88751 ppid: 1 p_pax: 0xa50<SEGVGUARD,ASLR,NOSHLIBRANDOM,NODISALLOWMAP32BIT>

what should i do now?
have a nice day
vinc

3

20.7 Legacy Series / MuninNode not stable working

« on: November 02, 2020, 09:43:25 pm »

Hello

i use the MuninNode plugin which did work nice but since a couple of weeks i stopps working, but not allways and not all parts. see picture added.

there would also be a wish to remove some graphs! As example some removed vlan traffic/error graph.
Or add new added VLAN traffic/error.

OPNsense 20.7.4-amd64
FreeBSD 12.1-RELEASE-p10-HBSD
LibreSSL 3.1.4

4

Web Proxy Filtering and Caching / Starting frontend xxxx: cannot bind socket

« on: November 02, 2020, 09:33:14 pm »

Hello

i wished to add HAProxy to point to a VM on my Setup.
i followed this wonderfull tutorial in German https://schulnetzkonzept.de/opnsense
I think i have done it right but the HAProxy don^t start

/usr/local/etc/rc.d/haproxy: WARNING: failed to start haproxy

i have also a error like

kernel   arp: 32:ea:39:26:d2:c1 attempts to modify permanent entry for 10.147.42.195 on igb1

this ip would be the VM i wish to add to HAProxy

and another error but not sure if it belongs to my HAProxy error

configctl[67179]   error in configd communication Traceback (most recent call last): File "/usr/local/opnsense/service/configd_ctl.py", line 68, in exec_config_cmd line = sock.recv(65536).decode() socket.timeout: timed out

any idea how to find out why HAProxy not start?

have a nice day
vinc

OPNsense 20.7.4-amd64
FreeBSD 12.1-RELEASE-p10-HBSD
LibreSSL 3.1.4

5

20.7 Legacy Series / update problem [HBSD SEGVGUARD]

« on: October 23, 2020, 08:42:51 pm »

Hello
doing a update
the process hangs at this place

Code: [Select]

[63/67] Extracting os-haproxy-2.25: .......... done
Stopping configd...done
Starting configd.
Keep version OPNsense\HAProxy\HAProxy (2.10.0)
Reloading plugin configuration
Configuring system logging...done.
Reloading template OPNsense/HAProxy: OK
Reloading template OPNsense/Syslog: OK
[HBSD SEGVGUARD] [syslog-ng (69496)] Suspending execution for 600 seconds after 5 crashes.
 -> pid: 69496 ppid: 49740 p_pax: 0xa50<SEGVGUARD,ASLR,NOSHLIBRANDOM,NODISALLOWMAP32BIT>
[HBSD SEGVGUARD] [syslog-ng (49740)] Preventing execution due to repeated segfaults.
 -> pid: 49740 ppid: 1 p_pax: 0xa50<SEGVGUARD,ASLR,NOSHLIBRANDOM,NODISALLOWMAP32BIT>
any idea whats the Problem?

have a nice day
vinc

6

20.7 Legacy Series / iot VLAN should not go into the LAN

« on: October 14, 2020, 08:53:18 am »

Hello
i have a WLAN with SSID "iot" on a VLAN 42!
on the opnSense i got the VLAN as network and conected to the LAN Port.
DHCP is giving out IP Adress to the iot SSID from the VLAN 42

Now i have LAN where the computer/laptop are.

now the rule about this vlan should be
1) no access from vlan42 to LAN
2) access from vlan42 to WAN
3) access from LAN to vlan42 (else i can't configure theme)

Thanks for your help and feedback

vinc

7

20.7 Legacy Series / Munin agent broken not all port shown

« on: October 07, 2020, 03:07:40 pm »

Hello
since the Update
the Munin Agent do not send information on new added VLAN "Ports" traffic!
And there is also a function missing to remove old VLAN ID Traffic grafics!

have a nice day
vinc

8

20.7 Legacy Series / opnSense and UCS - Radius/DHCP/VPN rights

« on: August 30, 2020, 05:57:46 pm »

Hello

I have UCS (Univention Corporate Server) running with User Management.
I also run a opnSense FW.

first,
i manage Radius and DHCP on my opnSense, would it be wise to move this function to the UCS itself?
It is possible to hold them on both place like a master and Backup system? if yes how?

Then
i have also the VPN on my opnSense, how to manage the userrights for VPN over UCS and giving the Information to the opnSense, how to add the Certificate back to the user. Goal would be a login into the VPN and get the cert.

How did you solved this challange?

have a nice day
vinc

9

20.7 Legacy Series / upgrade with error

« on: August 25, 2020, 04:23:36 pm »

after downloading and the information about rebooting in the console i got this....

Aug 25 16:21:49 lighttpd[19562]: (mod_openssl.c.1975) SSL: 1 -1 error:1404C07F:SSL routines:ST_OK:bad write retry
Aug 25 16:21:54 lighttpd[19562]: (mod_openssl.c.1975) SSL: 1 -1 error:1404C07F:SSL routines:ST_OK:bad write retry
Aug 25 16:21:59 lighttpd[19562]: (mod_openssl.c.1975) SSL: 1 -1 error:1404C07F:SSL routines:ST_OK:bad write retry

10

20.1 Legacy Series / Firewall Rule question

« on: March 09, 2020, 06:13:07 pm »

hello
when i startet with opnsense i had a LAN Port with ip Range and some VM inside the IP Range too.
Now i have added a VLAN for the local user on a Switch.

the LAN and VLAN have different IP Range!

how the rule should be to have full access from VLAN <--> LAN?
the VLAN so far works to connect over WAN outside!
the VLAN is fixed on top of the LAN Port!

have a nice day
vinc

11

20.1 Legacy Series / A problem was detected. Click here for more information.

« on: March 07, 2020, 07:08:35 pm »

Hello
after update - after every update i got a error like this.
with a link to
System: Firmware: Reporter

Unfortunately we have detected at least one programming bug.
Would you like to submit this crash report to the developers?

and i send it
but never get a feedback.

12

20.1 Legacy Series / VLAN question

« on: March 04, 2020, 09:02:28 pm »

hello

i have a unifi AP on port 3 on my Switch
the Switch is connectetd over port 10 to the opnSense FW

the Switch also have some normal LAN Ports.

so i have done a Trunk on both Port 10 or 3

now i have triyed this but all other port on the Switch did not work any more

so will i have to config also the default VLAN on the opnSenseFW?
if so do i have to config something as default VLAN?
or it is possible to config the VLAN on the basic LAN Port?

or what i do i miss?

have a nice day
vinc

13

20.1 Legacy Series / update to "Keen Kingfisher" and ...

« on: February 06, 2020, 01:25:19 pm »

Hello

yesterday i did the upgrade to "Keen Kingfisher" and....
it just worked - took around 5 Minutes.
But at the end it bootet and everything back and OK

Thanks a lot for your Work

have a nice day
vinc

14

19.7 Legacy Series / after Upgrade no WLAN connection

« on: November 22, 2019, 07:36:16 pm »

hello
after i have done the update to

OPNsense 19.7.7-amd64
FreeBSD 11.2-RELEASE-p16-HBSD
LibreSSL 3.0.2

the connection over my build in  WLAN wle200nx 
the device are not connecting any more also after the reboot of the device...

how to check if the WLAN is working well on my opnSense?

have a nice day
vinc

15

19.7 Legacy Series / GEOIP information for droped IP

« on: November 14, 2019, 10:05:27 am »

Hello

on the opnSense Gui i see the droped connection.
would it be possible to add a Information or Flag about the droped IP/Country?

Hope to get a feedback

have e nice day
vinc