Topics

1

19.7 Legacy Series / Incoming traffic blocked after upgrade from 17.7.12_1 to 18.1 and then to 19.7.2

« on: August 14, 2019, 11:50:04 pm »

Hi everybody,

Today I upgraded one of my A10 appliances from 17.7.12_1 to 18.1 version first.
After that I couldn't connect to OPNsense anymore by IP but only by console port.

I noticed that incoming IP traffic was being blocked. Outgoin traffic was OK. I though maybe about some bug so I continued upgrading to the last available version 19.7.2.

Unfortunately, incoming IP traffic is still being blocked. I disabled pf in order to test and then I could connect again by IP and so to GUI. After that, I saw that there are new floating rules that have been automatically generated and that can't be disabled, which seems to explain the issue (you can find a screenshot attached). However, I don't understand why these rules are there as there weren't in 17.7.12_1.

Could you help me, please ?

Thank you in advance.

Regards.

2

16.7 Legacy Series / [SOLVED] Config sync OK but not applied on HA slave node

« on: September 07, 2016, 03:10:50 pm »

Hi everybody,

I’ve got a new little problem with my OPNsense A10 HA cluster (OPNsense 16.7.3-amd64).

I’ve setup XMLRPC Sync between the two nodes. If do a config change in master node (ex.: adding a new route or a new firewall rule), it’s visible on the slave node but it’s not applied automatically.

For instance, if I add a new route and apply the change on master node, I can see the new route immediately on the GUI of the slave node. However, if I look at routes status, it isn’t there. If want to see it, I have to force an update and apply the changes on slave node.

I’ve found and old topic about a similar problem in an old OPNsense version but it was supposed to be fixed.

https://forum.opnsense.org/index.php?topic=1309.msg3738

Have you got any idea, please ?

Thanks in advance.

Regards,

farsoft

3

16.7 Legacy Series / [SOLVED] Interfaces always UP even if cable are unplugged

« on: September 06, 2016, 05:00:06 pm »

Hello everybody.

This is my first post.

I’ve bought two Deciso OPNsense A10 Dual Core SSD appliances in order to set up a HA cluster.

Everything seemed to work correctly but when I’ve started to do some failover tests, I’ve noticed that when I shut down the interfaces on the switches side or even if I unplug the network cables from any of the OPNsense interfaces, the status remains “active”.

If I disable / enable OPNsense interfaces from the GUI, then the status changes to “no carrier”. If I plug the cables, the interfaces go UP but if I unplugged again, the interfaces remain “active”.

I've got same behaviour in both appliances.

For instance, now the cable at em0 interface is unplugged but here is the status of the interface:

em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=4209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,VLAN_HWTSO>
        ether f4:90:ea:10:17:a8
        inet6 fe80::f690:eaff:fe10:17a8%em0 prefixlen 64 scopeid 0x1
        inet 172.31.167.85 netmask 0xffffff00 broadcast 172.31.167.255
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet 1000baseT (1000baseT <full-duplex>)
        status: active

My OPNsense version is 16.7.3-amd64.

I’ve searched at the forum and googled also but I haven’t found any similar problem.

Have you got any idea, please?

Thank you very much.

Regards.

farsoft