Topics - NeoDragon

#1
Hi all,

I'm using a custom XGS-PON SFP+ Stick Module to bypass my ISP router. Internet is working properly, but I can't access the stick management address to update the stick itself. It was working on the 24.* version of OPNsense, but I figured something changed in 25.7 because I can't access it anymore. I wiped and started fresh on 25, however.

Here's the setup:

Stick is plugged in ix1
Interface > WAN is pppoe on ix1
Interface > WAS110 is ix1 with the static ip 192.168.11.2/24
WAS110 management address is 192.168.11.1

Outbound Rule from WAN to 192.168.11.2

Also tried following the "official" method found here https://pon.wiki/guides/install-the-8311-community-firmware-on-the-was-110/#opnsense but no cigar.


Can anybody help me access the stick?

[Solved]

I managed to solve this by trying a different IP on the WAS110 Interface. The PON had its gateway as 192.168.11.1 and its static IP as 192.168.11.2.
#2
Hi,

I recently re-ordered my network to remove a few VLANs and make it simpler. However, dnsmasq is throwing a few warnings like this:

not giving name hostname.local.tld to the DHCP lease of 192.168.1.5 because the name exists in /var/etc/dnsmasq-hosts with address 192.168.3.3

I cannot remove them manually from /var/etc/dnsmasq-hosts, they always come back after restarting the service.

Any ideas?
#3
Hi everyone,

I'm trying to make the Caddy access list work through the OpenVPN instance but am having difficulties.

The OpenVPN instance works, and I can access local IPs within the local network. However, Caddy does not recognize the OpenVPN connection as a local network connection but rather as the WAN connection of the user, so it is blocked by the access list.

I tried setting the OpenVPN instance with different redirect gateway options but it still does not work. The connection either times out and nothing appears in the Caddy log file, or the connection is blocked because it's being recognized as an outside IP instead of a local network one.

Can anyone help?
#4
24.7, 24.10 Legacy Series / Caddy http access issues
November 04, 2024, 06:29:40 PM
Hi,

I've been using the Caddy plugin for a little while. Recently, HTTP access started acting up and not allowing IPs included in the addresses, specifically the OpenVPN subnet.

VPN subnet is on 192.168.50.1/24
Local Subnet is on 192.168.0.0/16

Tried adding 192.168.0.0/16 and the 192.168.50.2 IP (the VPN user address) and it still doesn't work.

As soon as I remove access restriction, everything starts to work again.
------

As I was typing this, I figured it out while looking to share the Caddyfile.
The Invert option might be "inverted", as in it denies access to the IP addresses listed instead of allowing them.

Inverted not checked : not client_ip 192.168.0.0/16 192.168.50.2
Inverted checked : client_ip 192.168.0.0/16 192.168.50.2
#5
23.1 Legacy Series / Firewall Aliases not updating
April 30, 2023, 07:54:35 PM
Hi,

I've had trouble with updating aliases from a cron job. All the URLs were not updating unless I manually disabled and re-enabled them.
The cron job also didn't work.

I've found an issue report on GitHub about it and user splooge seems to have a proper solution: https://github.com/opnsense/core/issues/5788#issuecomment-1489096388

Changing the service command of the aliases update in action_filter.conf to rm -f /var/db/aliastables/* && /usr/local/opnsense/scripts/filter/update_tables.py seems to have worked.

#6
22.7 Legacy Series / False interface lan overview
July 30, 2022, 10:46:34 PM
Hi,

I've encountered a small bug. It is not breaking anything really, just reporting false information.

My machine running OPNsense 22.7_4:
Odyssey Blue X864105

This machine comes with 2x Intel NIC I211, however OPNsense is reporting the MAC address as Realtek. A quick search for the first 6 MAC numbers on Google does in fact report it as a Realtek, but running pciconf -lv | grep -A1 -B3 network tells me otherwise. See the 2 pictures attached.

Nothing breaking, but a bit annoying as I went down the rabbit hole to confirm the NICs were indeed Intel and not Realtek so I could enable CRC, TSO and LRO without worry.
#7
21.7 Legacy Series / Unbound DoT not working
September 06, 2021, 09:22:39 PM
Hi all,

I'm fairly new to OPNsense and have been pretty pleased so far.
However, I can't get Unbound DoT working alongside AdGuard for some unknown reason.
The test at https://tenta.com/test shows that I'm indeed using Quad9 upstream with DNSSEC but without TLS, even though it is configured under Services>Unbound DNS>DNS over TLS

Can anybody help?

For reference, I've used this particular topic on these forums to set up AdGuard + Unbound
https://forum.opnsense.org/index.php?topic=22162.0