Topics

1

21.7 Production Series / Error when upgrading from 21.1 to 21.7

« on: October 05, 2021, 08:16:49 am »

Hi there,

I wanted to document what happened to our installation of Opnsense while upgrading to the latest version.
Let me start that, at the end, I had to reinstall, but the configuration has been imported from the system so it was quick and painless - nice feature, btw 

So, I started the upgrade as ofthen through the web interface and all went seemingly smoothly.
After the first reboot, the system didn't come back online, so I checked. The console was full of errors, with the mayor seemingly a Python error (more on this later) and the complaint, that systemd is not running. I was able to get to a shell, but with no internet connection and my limited experience on FreeBSD, I was not able to do much.

One of the errors that I saw was a Python error, while running /usr/local/opnsense/service/configd.py, complaining about a missing module "jinja2". Goinbg at it with the "pkg" package manager, there were several missing Python modules marked as required but not installed. And, as I had no connection, I decided to reinstall.

Maybe this was only a localized issue, but I still wanted to report it. If there are any logfiles that could be helpful please let me know and I will gladly collect anything usable.

best regards
Lukas

2

18.1 Legacy Series / OpenVPN Roadwarrior resolvable common name

« on: February 20, 2018, 08:52:12 am »

Hi there,
I am successfully running an OpenVPN roadwarrior setup with multiple machines connecting to OpnSense without issues. Now I would make it possible to access those machines via DNS names instead of IP only (so, instead of using 10.10.0.5, I'd like to be able to use something like 'roadwarrior01'). Is there any straightforward way to register the common name of the roadwarrior in the DNS forwarder, like the DHCP leases are being registered?

Thanks
Lukas

3

16.7 Legacy Series / [SOLVED] Gateway stopped working after upgrade to 16.7

« on: July 30, 2016, 09:49:31 am »

Hi Guys,
I did the upgrade to 16.7 yesterday and it all went smoothly - apparently, at least.
I found out that a part of our network lost internet access since the upgrade, and exactly this part (the Guest WLAN) is using a different interface to access the internet. Basically, I am using an PPPoE connection as the main WAN connection, and a router (located at 192.168.0.6) as a second connection for the Guest WLAN.

I did several tests, and it seems that OPNsense is unable to use that router to access the internet. I currently have it configured as a gateway and didn't change anything, so I am unsure about what might be wrong. Any hints?

Thanks
Lukas

4

16.1 Legacy Series / [Solved] Captive Portal: MAC addresses not saved

« on: April 13, 2016, 07:25:09 pm »

Hi there,

while experimenting with the captive portal, I noticed that I am unable to set any MAC address (like "b0:df:3a:0b:e6:be") under "Allowed MAC addresses".
I can edit the field, but once I hit "Save" it is not saved (and of course not applied). Am I doing something wrong here?

OPNsense 16.1.9-amd64   
FreeBSD 10.2-RELEASE-p14   
OpenSSL 1.0.2g 1 Mar 2016

Thanks
Lukas

5

16.1 Legacy Series / [SOLVED] Captive Portal not working

« on: April 09, 2016, 04:13:44 pm »

Hi guys,

I am trying to enable a captive portal for our guest net (with vouchers), as we will soon get a serious fiber connection and I need to make sure to be able to monitor decently.

Anyway, I followed the steps as described here: https://docs.opnsense.org/manual/how-tos/guestnet.html

I honestly went through everything multiple times, each step again and again, but I still have the problem that, once a device connects to the guest network, it simply can access the net without any problems - no redirection to the portal/login page, no error, nothing.

Maybe somebody has an idea? I have the DNS forwarder enabled, DHCP configured as per the help page... I really dunno what else could be wrong here ...

Version Data:
OPNsense 16.1.9-amd64   
FreeBSD 10.2-RELEASE-p14   
OpenSSL 1.0.2g 1 Mar 2016


Thanks
Lukas

6

15.7 Legacy Series / Multiple PPPoE connections over one interface

« on: November 18, 2015, 06:17:23 pm »

Hi there,

I was wondering if it is technically possible to connecto to two different PPPoE connections over one interface (network card). I actually was able to set this up, but strangerly Opnsense shows me both connections with the same IP, even if they have different ones if I test them with traceroute. In addition, the second connection seems to not being used, even if I modify the firewall rules accordingly.

7

15.7 Legacy Series / PPPoE not getting monitored after reboot

« on: July 27, 2015, 07:42:47 am »

Hi there,

this is a minor problem, more like a bug:
I have two WAN connections: One to an ADSL router, and the other has a PPPoE connection on it. Both connections are monitored by pinging Google's DNS servers, and this works fine.
However, after a reboot, the PPPoE connection states "pending" instead of "connected" on OPNsense's main page, but in fact it is connected and working. If I go and open the connection's settings and save them (without any changes) then the monitoring starts and works correctly. Maybe it's just a script problem...

8

15.7 Legacy Series / [SOLVED] DHCP not giving leases after update to OPNsense 15.7.4-amd64

« on: July 25, 2015, 05:54:53 pm »

Hi there,

I just noticed that my guest WLAN is not usable, as the clients won't get a valid IP address when connecting. The DHCP server is up and was running alright till I updated to the latest version of OPNsense. The DHCP server is running fine, however it seems to give no answer to incoming requests... Any idea?

Thanks

Lukas

9

15.7 Legacy Series / [SOLVED] Traffic Shaper for VoIP?

« on: July 21, 2015, 09:06:27 am »

Hi there,

I am successfully running the latest version in our production environment (after having switched in winter time from Endian firewall), and have eagerly awaited the release of the traffic shaper. Now, what I would like to achieve is to prioritize VoIP traffic over all interfaces (or at least over our two WAN interfaces). How could I do that?
I could actually use the IP of our VoIP provider as to & from address, but I cannot figure out how to program the shaper... 
Any help is welcome

10

15.1 Legacy Series / [SOLVED] VLAN not working after upgrade

« on: May 06, 2015, 11:50:09 am »

Hi guys,

I just upgraded today to the latest version (15.1.10). Everything went smoothly, but I then noticed that two interfaces I am using were down:
WAN interface (wan, em3): up
LAN interface (lan, em1): up
DMZ interface (opt1, em2_vlan10): down
WLAN_GUESTS interface (opt2, em2_vlan20): down

Now interestingly, if I run ifconfig on the shell I cannot find "em2_vlan10" or "em2_vlan20", but instead a few interfaces starting with "vlan" like "vlan0","vlan1" etc.

The log says:
---
May 6 11:34:25   opnsense: /usr/local/etc/rc.bootup: The command '/usr/sbin/arp -d -i 'em2_vlan20' -a > /dev/null 2>&1' returned exit code '1', the output was ''
May 6 11:34:25   opnsense: /usr/local/etc/rc.bootup: The command '/sbin/ifconfig 'em2_vlan20' -staticarp' returned exit code '1', the output was 'ifconfig: interface em2_vlan20 does not exist'
May 6 11:34:25   opnsense: /usr/local/etc/rc.bootup: The command '/usr/sbin/arp -d -i 'em2_vlan10' -a > /dev/null 2>&1' returned exit code '1', the output was ''
May 6 11:34:25   opnsense: /usr/local/etc/rc.bootup: The command '/sbin/ifconfig 'em2_vlan10' -staticarp' returned exit code '1', the output was 'ifconfig: interface em2_vlan10 does not exist'
---

Now I don't know what I could try, it looks to me that either VLAN is not working on the interface, or somehow the name is not configured correctly. Any ideas?
The interface em2 seems, btw, connected and VLAN-capable:
---
em2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=5219b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAGIC,VLAN_HWFILTER,VLAN_HWTSO>
        ether 68:05:ca:1f:83:68
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active

---

Thanks
Lukas