Topics

1

24.1 Legacy Series / update goes wrong: Host does not resolve

« on: September 21, 2024, 06:25:07 pm »

I got this massage after update:

***GOT REQUEST TO CHECK FOR UPDATES***
Currently running OPNsense 24.1.5_3 at Sat Sep 21 18:16:07 CEST 2024
Fetching changelog information, please wait... fetch: https://pkg.opnsense.org/FreeBSD:13:amd64/24.1/sets/changelog.txz: Host does not resolve
Updating OPNsense repository catalogue...
pkg: Repository OPNsense has a wrong packagesite, need to re-create database
pkg: https://pkg.opnsense.org/FreeBSD:13:amd64/24.6/latest/meta.txz: No address record
repository OPNsense has no meta file, using default settings
pkg: https://pkg.opnsense.org/FreeBSD:13:amd64/24.6/latest/packagesite.pkg: No address record
pkg: https://pkg.opnsense.org/FreeBSD:13:amd64/24.6/latest/packagesite.txz: No address record
Unable to update repository OPNsense
Error updating repositories!
pkg: Repository OPNsense has a wrong packagesite, need to re-create database
pkg: Repository OPNsense cannot be opened. 'pkg update' required
Checking integrity... done (0 conflicting)
Your packages are up to date.
***DONE***

Ping to internet  8.8.8.8 (etc) does not work.
tryed to update from console no luck.
DNS's are set in setting.
Gateway is correct lan has conection to the internet.

What can i do more?

Grz
Jonas

2

23.7 Legacy Series / Tinc service stops on restart or apply settings

« on: October 02, 2023, 05:45:14 pm »

When I try to restart the tinc-vpn service or apply new configuration the configuration stops en doesn't come online again.

I think this is a bug, in past it worked flowlessly. (editon 2020, 2021?)
Where can i fill the bug report?

kind regards,
Jonas

3

23.1 Legacy Series / Routing between 2 site vpn networks (Zyxel nebula and tinc vpn) over VTI tunnel.

« on: June 27, 2023, 04:45:31 pm »

Hi all,

I try to make vpn connection to connect 2 vpn site networks.

1 is zyxel-nebebula (192.168.225.0/24; 192.168.195.0/24)
1 is Tinc vpn on opnsense. (192.168.224.0/24; 192.168.223.0/24)
   

Between the 2 I have set up an VTI-ipsec tunnel and I can route traffic to both ends of this tunnel. 192.168.224.0/24 <---> 192.168.225.0/24
Form te Nebula sitewide network can access the GW/FW. I created policy based routes.
192.168.195.0/24  192.168.224.0/24
What does not work jet is,  that  I can't acces my zyxel GW/FW the form tinc vnp network.
192.168.223.0/24 <---> 192.168.225.0/24

My plan on the 224.254 GW/FW was to  :

• assing interface on tinc (Dynamic gateway policy y/n ?)
• create a gateway
• setup the policy based route form 223 to 225 networks

I add the far site (225) network on the tinc host subnet.

Is this idea correct? Or am i missing someting?
See my schema for more context.

kind regards

4

23.1 Legacy Series / Delet this topic

« on: June 23, 2023, 06:57:26 pm »

empty

5

21.1 Legacy Series / boostrap faild on Free bsd install: Authentication error

« on: March 29, 2021, 12:32:45 pm »

Hi

I Try to install Opnsene with the bootsctrap script but get an authentication error.

root@user:~ # fetch https://raw.githubusercontent.com/opnsense/update/master/bootstrap/opnsense-bootstrap.sh
Certificate verification failed for /C=US/ST=California/L=San Francisco/O=GitHub, Inc./CN=www.github.com
34370654208:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:/usr/src/crypto/openssl/ssl/statem/statem_clnt.c:1915:
fetch: https://raw.githubusercontent.com/opnsense/update/master/bootstrap/opnsense-bootstrap.sh: Authentication error


I installed the ca_root_nss on a new install of FreeBSD 12.2-RELEASE r366954 GENERIC.

Have other's encountered the same issue?

6

20.7 Legacy Series / Tinc VPN Firewall rules

« on: December 07, 2020, 04:40:13 pm »

Hi,

I'm configurating Tinc VPN but sinds the update of 20.7.* the firewall rules tap for tinc does not show up?
With previous versions it did come  up in the gui.
Is this a bug or can i resolve the issue my self?
I have found a workaround by editing the config file and restore this

<tinc>
      <internal_dynamic>1</internal_dynamic>
      <enable>1</enable>
      <if>tinc</if>
      <descr>TincVPN</descr>
      <type>none</type>
      <virtual>1</virtual>
    </tinc>
  </interfaces>

Kind regards