Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Topics - hfvk

Pages1
#1
24.1, 24.4 Legacy Series / [SOLVED] KEA dhcpd not serving all subnets after reboot
February 24, 2024, 08:31:34 PM
I am testing KEA dhcpd on OPNsense 24.1.2_1-amd64.

I have configured five subnets (LAN + four VLANs) for which KEA is the dhcp server:
192.168.22.0/24 (LAN)
192.168.202.0/24 (VLAN 2)
192.168.205.0/24 (VLAN 5)
192.168.210.0/24 (VLAN 10)
192.168.220.0/24 (VLAN 20)

Everything is fine until I reboot the system. After reboot I see the following warning in the KEA log file:

WARN [kea-dhcp4.dhcpsrv.0x835bc5000] DHCPSRV_OPEN_SOCKET_FAIL failed to open socket: the interface em0 is not running

It seems like KEA is starting before the em0 interface (which is the interface for the LAN and VLANs).

However, KEA seems to start and servers fine on the VLAN-intefaces but does not provide DHCP leases for the LAN interface. Once I restart the KEA service, it starts serving on both LAN interface and VLANs.

Again, when I reboot the system, the same issue occurs until I manually restart KEA.

Is this a known issue and is there any workaround for the issue? Is there any information I can provide for inspecting this further?
#2
Zenarmor (Sensei) / [SOLVED] os-sensei-db (missing)
February 21, 2024, 08:01:46 PM
Just upgraded my OPNsense installation from 23.7.11 to 24.1.2.

I also upgraded Zenarmor from 1.16.1 to 1.16.3.

Now I see red os-sensei-db (missing) line at System -> Firmware -> Plugins.

I have tried both Resolve Plugin Conflicts -> Run the automatic resolver and Reset all local conflicts but the problem remains.

Some old threads suggest to reinstall Zenarmor to solve this issue but I was wondering if there is a way to fix whit problem without reinstalling Zenarmor.

OPNsense 24.1.2_1-amd64
FreeBSD 13.2-RELEASE-p10
OpenSSL 3.0.13
#3
Zenarmor (Sensei) / Cloud node issue
December 23, 2022, 06:52:18 AM
Hello all and thanks for the great Zenarmor software!

I am having the following issue with cloude nodes:
Europe & Europe2 are DOWN. When I click "check now" (on Zenarmor status page) they become UP for a while but then eventually down again. Rebooting the system does not help. I have this issue on two separate firewalls. Both are running:
Engine version 1.12.1
DB version 1.12.22112919
OPNsense 22.7.10_2-amd64
FreeBSD 13.1-RELEASE-p5
OpenSSL 1.1.1s 1 Nov 2022

ping 35.198.172.108 and ping 34.65.117.157 seem to be alright.

Any ideas how to analyze this further?
#4
Zenarmor (Sensei) / 1.11 release date
March 09, 2022, 07:39:34 PM
I think Zenarmor Sensei is absolutely fantastic product! Any ideas when the 1.11 version will be released?
#5
20.7 Legacy Series / Unbound DNSBL - logging blocked queries
January 01, 2021, 02:47:11 PM
I know this topic has been discussed earlier but I haven't yet found a solution for this.

So, I am on OPNsense 20.7.7. I am using Unbound and DNSBL to filter DNS queries. I have enabled Advanced Settings / Log Queries and I have also set loglevel to 5. I am not still seeing from the log what queries are being blocked.

Does anybody have any idea how to check what queries are being blocked by the DNSBL blacklists?
#6
20.7 Legacy Series / Feature request: OpenVPN client-to-client config option
September 24, 2020, 07:58:41 AM
Hello,

OPNsense is a wonderfull product, thank you for all the development!

I am using OpenVPN server on OPNsense router and I also permit client-to-client traffic. For this reason, I need to enable client-to-client OpenVPN option using the Advanced configuration options in the OpenVPN server config page.

As the page states, the Advanced configuration option will be removed in the future. Thus, I suggest that client-to-client setting would have its own checkbox on the config page so that there would be no need to use the advanced config dialog.

Any thoughts on this?
#7
20.7 Legacy Series / SOLVED Sensei 1.6 blocking Spotify
September 17, 2020, 12:23:43 PM
Hello,

Just upgraded Sensei 1.5 to 1.6. I did not change any configs. Now Sensei is blocking all Spotify connections. I have verified this by:
1) disable Sensei -> Spotify works
2) enable Sensei -> Spotify does not even open (iPhone, iPad, Apple TV)

Is anyone else experiencing similar issues?

I'm running on:
OPNsense 20.7.2-amd64
FreeBSD 12.1-RELEASE-p8-HBSD
OpenSSL 1.1.1g 21 Apr 2020

Sensei:
Engine Version:   1.6   Last Update: 09/17/2020 05:45
App & Rules DB Version:   1.6.20200910121420   Last Update: 09/17/2020 05:45
#8
20.7 Legacy Series / Sensei App & Rules DB not updating
September 08, 2020, 06:31:13 AM
Hello,

I have two OPNsense installations with identical HW. Both are running:
OPNsense 20.7.2-amd64
FreeBSD 12.1-RELEASE-p8-HBSD
OpenSSL 1.1.1g 21 Apr 2020

Both are running Sensei version:
Engine Version:   1.5.2_1   Last Update: 08/01/2020 07:34

The problem is that Site A has App & rules DB version:
App & Rules DB Version:   1.5.20200612133834   Last Update: 06/12/2020 23:38

And the Site B:
App & Rules DB Version:   1.5.20200724174736   Last Update: 08/01/2020 07:34

For me it seems that Site A has outdated App & rules DB version. However, when I click "check updates" link on Sensei Status page on Site A, it reports that the DB is up-to-date (it isn't since I can see that the identical Site B has a newer DB).

Any ideas how to force the DB update on Site A?
#9
20.1 Legacy Series / Dynamic DNS issue (no-ip)
July 03, 2020, 06:07:39 PM
Hello,

I just updated my system to OPNsense 20.1.8-amd64. For some reason, I am not able to create new Dynamic DNS settings (I am using free NO-IP service) or modify existing settings.

I get the following error when I try to 1) create a new rule or 2) modify existing rule:
The TTL value needs to be a valid integer number.

Is it just me or are others experiencing similar issues? The existing no-ip settings are working fine but I cannot modify the or create new rules.
Pages1