Messages

Hi there,

I wanted to document what happened to our installation of Opnsense while upgrading to the latest version.
Let me start that, at the end, I had to reinstall, but the configuration has been imported from the system so it was quick and painless - nice feature, btw  :)

So, I started the upgrade as ofthen through the web interface and all went seemingly smoothly.
After the first reboot, the system didn't come back online, so I checked. The console was full of errors, with the mayor seemingly a Python error (more on this later) and the complaint, that systemd is not running. I was able to get to a shell, but with no internet connection and my limited experience on FreeBSD, I was not able to do much.

One of the errors that I saw was a Python error, while running /usr/local/opnsense/service/configd.py, complaining about a missing module "jinja2". Goinbg at it with the "pkg" package manager, there were several missing Python modules marked as required but not installed. And, as I had no connection, I decided to reinstall.

Maybe this was only a localized issue, but I still wanted to report it. If there are any logfiles that could be helpful please let me know and I will gladly collect anything usable.

best regards
Lukas

Hi there,
I am successfully running an OpenVPN roadwarrior setup with multiple machines connecting to OpnSense without issues. Now I would make it possible to access those machines via DNS names instead of IP only (so, instead of using 10.10.0.5, I'd like to be able to use something like 'roadwarrior01'). Is there any straightforward way to register the common name of the roadwarrior in the DNS forwarder, like the DHCP leases are being registered?

Thanks
Lukas

Hi Ad,

it seems to work now well. Maybe it was really only a matter of rebooting the system.
Thanks  :)

Hi Ad,
actually I had to try several things to get it back working. Seems that I had to both reboot the DSL router as well as OPNsense. It worked flawlessy for about 24 hours and now it's down again. The funny thing is that OPNsense detects a "link down" situation even if it is working. Only a reboot of the upstream router helps here.

Hi Guys,
I did the upgrade to 16.7 yesterday and it all went smoothly - apparently, at least.
I found out that a part of our network lost internet access since the upgrade, and exactly this part (the Guest WLAN) is using a different interface to access the internet. Basically, I am using an PPPoE connection as the main WAN connection, and a router (located at 192.168.0.6) as a second connection for the Guest WLAN.

I did several tests, and it seems that OPNsense is unable to use that router to access the internet. I currently have it configured as a gateway and didn't change anything, so I am unsure about what might be wrong. Any hints?

Thanks
Lukas

Ok found out the problem.
Basically I copy/pasted the MAC address with a space at the end, which obviously was interpreted as a non-MAC character. Probabily it would be nice to get it trimmed before testing, but hey, my fault  ;)

Thanks again
Lukas

Oh god, right, now it works :)
But when entering more than one address, I get the error "Please enter valid mac addresses". (see screenshot)

So one address works fine, when I try to add a second it doesn't ...

Hi there,

while experimenting with the captive portal, I noticed that I am unable to set any MAC address (like "b0:df:3a:0b:e6:be") under "Allowed MAC addresses".
I can edit the field, but once I hit "Save" it is not saved (and of course not applied). Am I doing something wrong here?

OPNsense 16.1.9-amd64   
FreeBSD 10.2-RELEASE-p14   
OpenSSL 1.0.2g 1 Mar 2016

Thanks
Lukas

Hi Ad,

I think that the solution with the checkbox would be more than fine. I would use the captive portal for hotel guests, and a too complicated username (for the password it's not as bad I guess) could lead to complaints  ;D

Anyway, OPNsense is truly great and I am very happy that I went installing it right away once it came out, instead of using pfSense. I used to use Endian firewall, but that stuff was simply not working anymore for my needs...

Ok!
But now tell me, what was wrong? Did I set something odd?

Sir, it is working now!  :)
What did you do to get it working?

Btw, is there any way to change the complexity of the vouchers? Like, avoid special chars in the username?

Oh interesting...

The EOLO interface is up (see screenshot).

I tried to disable it, in which case I simply have no internet access (neither on the Guest wlan, nor on my internal LAN).

Done :)

I reapplied the settings several times, as I also rebooted the firewall and used different mobile devices.
I dunno, maybe there is something wrong with the firewall rules? Like allowing access all the time?

Here we go :)