Messages - TomT

#31
I do have IPv6 disabled, but I can ping pkg.opnsense.org without issue.
Any ideas how to resolve this as I'd like to get my VPN working again.

Thanks
#32
Hi.
Connectivity:

***GOT REQUEST TO AUDIT CONNECTIVITY***
Currently running OPNsense 24.7.12 (amd64) at Sat Jan 18 22:06:12 GMT 2025
Checking connectivity for host: pkg.opnsense.org -> 89.149.222.99
PING 89.149.222.99 (89.149.222.99): 1500 data bytes
1508 bytes from 89.149.222.99: icmp_seq=0 ttl=58 time=17.814 ms
1508 bytes from 89.149.222.99: icmp_seq=1 ttl=58 time=17.352 ms
1508 bytes from 89.149.222.99: icmp_seq=2 ttl=58 time=17.990 ms
1508 bytes from 89.149.222.99: icmp_seq=3 ttl=58 time=17.688 ms

--- 89.149.222.99 ping statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 17.352/17.711/17.990/0.233 ms
Checking connectivity for repository (IPv4): https://pkg.opnsense.org/FreeBSD:14:amd64/24.7
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 865 packages processed.
All repositories are up to date.
Checking connectivity for host: pkg.opnsense.org -> 2001:1af8:5300:a010:1::1
ping: UDP connect: No route to host
Checking connectivity for repository (IPv6): https://pkg.opnsense.org/FreeBSD:14:amd64/24.7
Updating OPNsense repository catalogue...
pkg: https://pkg.opnsense.org/FreeBSD:14:amd64/24.7/latest/meta.txz: Non-recoverable resolver failure
repository OPNsense has no meta file, using default settings
pkg: https://pkg.opnsense.org/FreeBSD:14:amd64/24.7/latest/packagesite.pkg: Non-recoverable resolver failure
pkg: https://pkg.opnsense.org/FreeBSD:14:amd64/24.7/latest/packagesite.txz: Non-recoverable resolver failure
Unable to update repository OPNsense
Error updating repositories!
Checking server certificate for host: pkg.opnsense.org
depth=2 OU = GlobalSign Root CA - R3, O = GlobalSign, CN = GlobalSign
verify return:1
depth=1 C = BE, O = GlobalSign nv-sa, CN = GlobalSign GCC R3 DV TLS CA 2020
verify return:1
depth=0 CN = pkg.opnsense.org
verify return:1
DONE
***DONE***

Health:
***GOT REQUEST TO AUDIT HEALTH***
Currently running OPNsense 24.7.12 (amd64) at Sat Jan 18 22:07:26 GMT 2025
>>> Root file system: /dev/gpt/rootfs
>>> Check installed kernel version
Version 24.7.12 is correct.
>>> Check for missing or altered kernel files
No problems detected.
>>> Check installed base version
Version 24.7.12 is correct.
>>> Check for missing or altered base files
No problems detected.
>>> Check installed repositories
OPNsense (Priority: 11)
>>> Check installed plugins
os-realtek-re 1.0
os-theme-cicada 1.38
os-udpbroadcastrelay 1.0_5
>>> Check locked packages
No locks found.
>>> Check for missing package dependencies
Checking all packages: .......... done
>>> Check for missing or altered package files
Checking all packages: .......... done
>>> Check for core packages consistency
Core package "opnsense" at 24.7.12 has 69 dependencies to check.
Checking packages: ...................................................................... done
***DONE***

Thanks
#33
Hi,
How do I patch my files for IPSec ?

I'm currently on 24.7.2 and if I check for an update I get
" There are no updates available on the selected mirror. "

The mirror is 'default' and the type is 'community'

Following the upgrade to 24.7.2 my IPSec VPN to my office fails to connect.

Thanks
#34
Hi,
I'm looking at buying one of these to connect via PPPOE to a 900Mbps/100Mbps FTTP circuit.
https://www.aliexpress.com/item/1005004360072281.html

I'll add 16GB ram and 128GB SSD.

Does anyone see any issues with this, or could suggest a better alternative?

Thanks
#35
Thanks.

I think udpbroadcastrelay may be what I need.
I'll install it and see how I get on.

Regards
#36
Hi,

My OPNsense is currently configured with multiple interfaces, and I need to allow multicast between two of them.

LAN  192.168.1.x
OPT1 10.10.10.x ( wifi )

Routing of traffic between these interfaces is working well, but I have devices in both ranges that send and receive multicast so I need this to pass between the two.

Ideally I'd like to specify what multicast IP addresses and ports are allowed, but it's not an issue if I have to allow all multicast.

Can someone advise how to do this, or are there any guides on how to set this up?

Thanks.
#37
Hi,

My dashboard is showing Insight Aggregator as stopped.

Looking at: SYSTEM: LOG FILES: GENERAL I get:

flowd aggregate died with message Traceback (most recent call last):
  File "/usr/local/opnsense/scripts/netflow/flowd_aggregate.py", line 160, in run
    aggregate_flowd(self.config, do_vacuum)
  File "/usr/local/opnsense/scripts/netflow/flowd_aggregate.py", line 80, in aggregate_flowd
    stream_agg_object.add(copy.copy(flow_record))
  File "/usr/local/opnsense/scripts/netflow/lib/aggregates/interface.py", line 75, in add
    super(FlowInterfaceTotals, self).add(flow)
  File "/usr/local/opnsense/scripts/netflow/lib/aggregates/__init__.py", line 185, in add
    self._update_cur.execute(self._update_stmt, flow)
sqlite3.DatabaseError: database disk image is malformed

I've gone into REPORTING: SETTINGS and tried Repair Netflow Data, and then Reset Netflow Data. Neither has made a difference.

Any idea how I resolve this ?

thanks.
#38
Hi,

The checkbox is called 'Disable State Killing on Gateway Failure' that suggests ticking it will stop the states being killed.

However I may be misreading this !
#39
Hi Franco,

I'm currently running OPNsense 21.7.2_1-amd64
I do plan to update either this afternoon or tomorrow.

I've ticked 'Kill states on gateway failure' and re-enabled the Gateway Monitor and will see how things go.

Thanks
#40
Hi Franco.

Thanks for the reply.
I'm thinking about swapping the VPN back to the original server and see if I start getting packet loss again.

If I do are there any logs I can capture that may help narrow down what is happening ?

Thanks
#41
Hi

Has anyone any ideas on this ?
How can I find out what happens when one gateway has high packet loss ?

Thanks
#42
Hi

I had some strange network issues yesterday when one gateway had packet loss.

My WAN is PPPoE and I have a Wireguard VPN to Private Internet Access

OPT1 LAN - 192.168.1.x
OPT3 Wifi - 10.10.1.x

All LAN devices use the WAN as their default route, all wifi devices use the PIA wireguard VPN.
This is all working well and has been stable for quite a long time.

Yesterday all devices started having intermittent issues accessing the internet. My PC connected to the LAN had issues with putty sessions and SIP Phones which would disconnect and instantly reconnect. Ping would drop a couple of packets and then carry on as normal. My WAN connection has been up for 32+ days and all looks fine.

What I noticed was the PIA Gateway was reporting packet loss, once that hit 20% the PIA connection went down and the network devices, LAN & wifi, had a short session of issues. Once PIA connected again it all worked fine until the next session of packet loss.

I disabled Gateway monitoring on the PIA gateway and that seemed to stop the issues. I've since changed the PIA server I connect to and that seems to have resolved the issue and Gateway monitoring is working fine.

While this was happening CPU usage on my firewall was around 10%, memory @ 6% and no issues with disk space.

Why would one gateway having packet loss affect another gateway ?
Any ideas how I can investigate this ?

Thanks
#43
Hi
I currently use the wireguard PrivateInternetAccess script from FingerlessGlov3s to manage my PIA connection.

I've started seeing a lot of packet loss regardless of which server I connect to, so I was hoping there may be a similar script for another VPN provider.

Is anyone aware of such a script ?

Thanks
#44
General Discussion / WireGuard List Configuration
May 06, 2021, 02:41:57 PM
Hi,

Once a connection is established with WireGuard the peer appears with data in the List Configuration.

Once the connection has been terminated the peer remains and shows the same as when connected, but the
'latest handshake' time obviously increases.

Is there any way to reset the peer details when the client has disconnected and the latest handshake is above xx minutes ?

I think this would make it easier to see if the client is still connected to the server.

Thanks
#45
Hi.

I've installed and configured WireGuard on my Android phone. On the phone I enable the VPN and in OPNsense VPN / WireGuard / List Configuration I see my 4G IP Address showing and the VPN connection appears to be fine.

On the phone I disable the VPN, but List configuration shows it still active and data is still passing and I can connect via the VPN even though it is turned off on the phone.

On the handset how do I disable the VPN connection so it actually goes off ?

Thanks