Topics

1

23.1 Legacy Series / Duals console: Primary and Secondary are swapped on boot

« on: May 18, 2023, 07:05:08 pm »

I was installing my Dell R230 with OPNsense 23.1 and got it updated, then restored a backup which messed up console output on boot.
Fixed it by ticking "Use the virtual terminal driver (vt)" and setting Primary Console to EFI.
Though I am unsure if the latter is needed when using vt?

Anyway, I set EFI Console to Primary and left the Secondary console set to Serial.

But booting the machine, the Loader shows option 5 (Cons) as Serial Primary.
dmesg shows this as well:

Dual Console: Serial Primary, Video Secondary

That doesn't seem right?

2

23.1 Legacy Series / Module not loading on startup using rc.loader.d file

« on: March 16, 2023, 05:07:40 pm »

I am trying to load the ipmi module, after installing the ipmitool package via SSH, but somehow it doesn't load.
Loading it manually works fine.

I created /usr/local/etc/rc.loader.d/20-ipmi and added ipmi_load="YES" to it.

Seems the file doesn't need any special permissions or user:group on it, so what could I be missing?

3

19.1 Legacy Series / WAN address traffic to 172.28.195.1:455. What is it?

« on: April 29, 2019, 10:35:04 pm »

I just noticed in Live View under Firewall traffic on the WAN interaface going to 172.28.195.1:4455.
Source shows my WAN's IP-address:64xxx with the xxx increasing every second.

Oddly enough, after port 64556 it turned to 53913 and start going up again.

172.28.195.1 is a private address. But I don't even use that private address range in my network.
What is this?

In the screenshots I blacked out my WAN IP address.

4

18.1 Legacy Series / CPU graph percentage always in the middle

« on: January 16, 2018, 02:35:08 pm »

I've noticed this in 17.* too, and now in 18.1.r2 as well.
In several web browsers I noticed that when I hover the mouse cursor over the CPU graph it always shows the percentage in the middle, showing the CPU percentage it was when at the middle.

Example, the screenshot shows 3%, but that's from after the spike a bit to the left of the middle.

My OS is Windows 10, web browsers are Edge and Waterfox. Also saw this in Google Chrome and Vivaldi.

5

18.1 Legacy Series / Hyper-V 2016 Gen 2 crash on copying files

« on: January 11, 2018, 08:32:18 pm »

I created a Gen 2 VM with 4 cores, 1GB RAM and a 16GB dynamic VHDX, 2 NICs.

Gen 1 started installing fine, then realized FreeBSD 11.1 supports Gen 2, so started over.
But, as soon as the installer starts the copy of files, after selecting the guided disk part, it crashes with the below error.

Reset and try again fails in the same spot.

The image I had from Franco a while back with the new kernel installed fine.

6

Documentation and Translation / Proposed changes for "Configuring LDAP"

« on: December 09, 2017, 01:27:58 pm »

The documentation on Configuring LDAP has an error in the text that makes Active Directory (don't know about OpenLDAP or Novell eDirectory) confusing to configure.

https://wiki.opnsense.org/manual/how-tos/user-ldap.html

Under Step 1 there is a list of things to fill in. The Bind Credentials part is wrong.
At User DN you need to fill in <username>@<domain name> like ldap@opnsense.local.
As it is now, it won't work when doing the container search.

For the record, domain\username works too, but is Pre-2000 and should really not be used anymore.
It works fine, just old skool.


Last, there is a small typo under Step 5: "configureS" should be "configureD", without the capitol letters of course.

7

General Discussion / Routing issue

« on: October 28, 2017, 09:11:13 pm »

At home I'm playing around with OPNsense VM nn a ESXi 6.5.0 U1 setup, next to my Hyper-V 2016 setup which runs my main OPNsense VM.

Also working to setup a new network setup, so just trying out some thing.
But I have a routing problem I can't get my head around.
Hopefully someone here has an idea.

My Cisco switch has several VLAN's, including 42.
The IP address of the that VLAN interface is 10.42.42.20/24
Default gateway is 192.168.1.1 (VLAN 10)

The OPNsense VM (RouterA) on Hyper-V 2016 has, for the interface connected to VLAN 42 (Opt1), IP address 10.42.42.100.
It also has a interface connected to VLAN 10 (LAN), IP address 192.168.1.1.
No other interfaces, besides the one for WAN.

The OPNsense VM (RouterB) on ESXi 6.5.0 U1 has, for the interface connected to VLAN 42, IP address 10.42.42.1.
No other interfaces, besides the one for WAN.

Client IP address 192.168.1.61 (VLAN 10 set on the Switch port).

NAS IP address 192.168.1.11 (VLAN 10 set on the Switch Port)

Now comes the weird part, as layed out below:

Switch
Ping to 10.42.42.100 OK
Ping to 10.42.42.1 OK
Ping to 192.168.1.1 OK
Ping to 192.168.1.11 OK
Ping to 192.168.1.61 NOK

RouterA
Ping to 10.42.42.20 OK
Ping to 10.42.42.1 OK
Ping to 192.168.1.11 OK
Ping to 192.168.1.61 NOK

RouterB
Ping to 10.42.42.20 OK
Ping to 10.42.42.100 OK
Ping to 192.168.1.11 NOK
Ping to 192.168.1.61 NOK

Client (192.168.1.61/24 VLAN 10)
Ping to 10.42.42.20 OK
Ping to 10.42.42.100 OK
Ping to 10.42.42.1 NOK
Ping to 192.168.1.1 OK
Ping to 192.168.1.11 OK


I hope anyone can make sense out of this. It must be something simple, but I can't see it.

8

17.7 Legacy Series / ESXi 6.5.0 U1 booting goes very wrong

« on: October 28, 2017, 05:27:19 pm »

I'm messing around with ESXi 6.5.0 U1 at home, and created a VM based on VM version 13 (6.5 and later) using mostly basic settings, except I removed the USB controller and added a second NIC (vmxnet3).
OS set to Other, FreeBSD (64-bit).
Left the SCSI controller at LSI Logic Parallel, because FreeBSD still does not support the VMware Paravirtual controller.

Booting the OPNsense-17.7.5-OpenSSL-dvd-amd64.iso, and installing from it using GPT/UEFI is fine too, but the first reboot messes up the VM in such a way that the ESXi web console shows the VM as powered off, but you can't power it on in any way.
Even the console can't reach it ("esxcli vm process list" only shows running VM's), so a host reboot is the only way to reach it again.

Maybe I've searched wrong, but I can't find anything related to FreeBSD 11 and this. I did read something about FreeBSD 10 on a VMware page, but EFI is almost fully supported in 11...

Anyone tried this yet?
Going to try a BIOS/MBR installation next. See if that works.

9

17.7 Legacy Series / "An API exception occured" during update

« on: September 02, 2017, 01:47:19 pm »

I just did the update from 17.7 to 17.7.1, and at some point it popped up a error message.
Updating continued, and reboot went fine too.

An API exception occured
Error at /usr/local/opnsense/mvc/app/library/OPNsense/Core/Backend.php:95 - stream_socket_client(): unable to connect to unix:///var/run/configd.socket (Connection refused) (errno=2)

10

General Discussion / [SOLVED] Hyper-V and time sync

« on: February 28, 2016, 03:17:56 pm »

I'm reading through some documentation to optimize my home virtual environment.
Running a Hyper-V 2012 R2 Free server which holds several VM's.
One is running OPNsense, another is a Windows Server 2012 R2 Domain Controller.

There is also a physical Windows Server 2012 R2 Domain Controller.
This one is my current Time Server for the domain and other devices to sync their time against.

It is recommended to have virtual Domain Controllers (DC) sync their time to the DC running the "PDC Emulator" role, while other VM's get their time through the "Time synchronization" from the Integration Services provided by Hyper-V host to the Guest VM.
On Linux and FreeBSD VM's this simply means not installing a NTP daemon so the Integration Service keeps the virtual clock in sync with the clock from the host.

One exception it OPNsense. It's config does not allow a blank entry for the "NTP Time Server" option in "General | Settings | System".

Is there a way to work around this, or does a patch need to be made to allow not setting a NTP Time Server?

11

16.1 Legacy Series / [Solved] Overview | Interfaces: Going wrong on expanding interfaces

« on: February 17, 2016, 08:13:21 pm »

Running 16.1.3 and when I click to expand a interface on Overview | Interfaces, alle interfaces expand.
But that's not all. For some reason it flashes the overview of a interface, and then expands every line by almost a full vertical page length.

12

15.7 Legacy Series / [SOLVED] RRD graphs: 103 processes?

« on: October 20, 2015, 09:57:27 pm »

I am probably understanding this wrong, but why does the processor graph show this for processes?
Is the CPU at 100% or not?

13

15.7 Legacy Series / [SOLVED] Firewall: NAT: Outbound : Mapping only for network, not single address

« on: August 28, 2015, 09:04:55 pm »

I use a outbound static mapping for my PlayStation 3 and 4. They need it to get a Type 2 connection.
Without it, voice communication doesn't work and multiplayer games barely work.

But for the Source I can only set a Network (ie. 192.168.1.0/24), "any" or "This Firewall (self)".
I don't need my entire LAN to use static mapping towards the internet, just the IP address of the PlayStation console.

Is it possible to get a "Single IP address" type option?

14

15.7 Legacy Series / LDAP configuration in 15.7.7_1

« on: August 05, 2015, 07:07:06 pm »

I just upgraded to 15.7.7_1 to test the updated LDAP patches
Using a Active Directory setup I run at home I can now add the server configuration.
The setup page might need some information to clarify things though.

Anyway, selecting containers works great. I can see a list of my OU's.
On the settings tab I select Active Directory as the Authentication Server.
Test and save shows a bit misleading message imo, but I could be wrong.
It shows "Testing OPNsense LDAP settings... One moment please..." in the top, but also a close button in the bottom.
It might be that the close button only shows after completion or a timeout, but I would expect some "Test successful".


But that bring me to my issue: I now have a LDAP integration, but still can't login with a domain account.
Because, I cannot create a local user (on the box) and link it to a domain account.
And trying to log in with a domain account simply responds with a wrong user/password.

Step forward, but not quite there yet.
If I missed something on the forum or on IRC, let me know.

15

15.7 Legacy Series / Spacing on dashboard

« on: July 08, 2015, 10:13:00 pm »

I've been noticing that the spacing is a bit off.
The text beneath the bars is too much. It looks like the text is above the bar below it.