"Recent posts
#1
German - Deutsch / Re: Erfahrungen bei ersten Geh...
Last post by fastboot - Today at 06:19:03 AMMoinsen :)
Hab nun nicht alles durchgelesen, muss gleich zur Arbeit.
Allerdings sind in solchen Fällen meine besten Freunde immer: tcpdump, ping und traceroute.
Ich hatte selbst jahrelang ein double nat szenario mit einer Fritte. Lief anstandslos. Allerdings sollte man bedenken, dass die Fritzbox die netze hinter der Firewall nicht kennt. Also entweder natted oder routed man. Nebenher ist das LAN bei eine standardinstallation kein VLAN, wenn das nicht explizit so eingerichtet wurde. Der Fritzbox sind die VLANs hinter der FW allerdings auch herzlich egal :)
Hab nun nicht alles durchgelesen, muss gleich zur Arbeit.
Allerdings sind in solchen Fällen meine besten Freunde immer: tcpdump, ping und traceroute.
Ich hatte selbst jahrelang ein double nat szenario mit einer Fritte. Lief anstandslos. Allerdings sollte man bedenken, dass die Fritzbox die netze hinter der Firewall nicht kennt. Also entweder natted oder routed man. Nebenher ist das LAN bei eine standardinstallation kein VLAN, wenn das nicht explizit so eingerichtet wurde. Der Fritzbox sind die VLANs hinter der FW allerdings auch herzlich egal :)
#2
German - Deutsch / Re: IPv6 PD hinter FritzBox nu...
Last post by Maurice - Today at 03:41:52 AMLooks like you may have somehow managed to enable radvd on your WAN interface? This should be mutually exclusive - you can either run rtsold (on WAN-type interfaces) or radvd (on LAN-type interfaces), but never both. Check your config.xml as well as /var/etc/radvd.conf.
Cheers
Maurice
[edit] Sorry, bin mit den Sprachen durcheinander gekommen. Ich sollte um die Zeit vielleicht nicht mehr posten. 🥱[/edit]
Cheers
Maurice
[edit] Sorry, bin mit den Sprachen durcheinander gekommen. Ich sollte um die Zeit vielleicht nicht mehr posten. 🥱[/edit]
#3
25.7, 25.10 Legacy Series / Re: Cant Login, even after pas...
Last post by leafy - Today at 03:02:48 AMThanks. I'm still struggling. I changed the password has in the config.xml to be $2y$10$vGA7jFHBhBGJCMiYsFzVUeAMaS5RabQNwMaZMdkdDfbyxWA5ZRPIG
Which should be 'admin' and still no luck on being able to login. I confirmed that my change held through a reboot and I confirmed that the username I was changing the password for was correct. Still unable to login via web gui or console.
Which should be 'admin' and still no luck on being able to login. I confirmed that my change held through a reboot and I confirmed that the username I was changing the password for was correct. Still unable to login via web gui or console.
#4
26.1, 26,4 Series / Re: Unbound errors after 26.4 ...
Last post by newsense - Today at 12:49:07 AMTry enabling the lists one by one and see which one blows up
#5
26.1, 26,4 Series / Unbound errors after 26.4 upgr...
Last post by DEC740airp414user - Today at 12:20:49 AMWill give it over night but have gotten these after the upgrade 3 hours ago :
I didn't realize I was getting them until I checked the error logs:
[82573:0] error: dnsbl_module: unable to parse blocklist file: incompatible blocklist. Please re-apply the blocklist settings.
I then left them checked:
Abuse.ch
Hagazi pro
Oisd big
Adguard
Stevenblack
And the qfeeds pro list added manually
Then it's giving the attached after I hit reapply
I didn't realize I was getting them until I checked the error logs:
[82573:0] error: dnsbl_module: unable to parse blocklist file: incompatible blocklist. Please re-apply the blocklist settings.
I then left them checked:
Abuse.ch
Hagazi pro
Oisd big
Adguard
Stevenblack
And the qfeeds pro list added manually
Then it's giving the attached after I hit reapply
#6
26.1, 26,4 Series / Re: tunables set to unknown va...
Last post by firefart - April 15, 2026, 11:02:11 PMHaving the same question (and also that weird sysctl behaviour where the values do not match): https://forum.opnsense.org/index.php?topic=51617.0
#7
25.7, 25.10 Legacy Series / Re: Android 16 and NDP cache
Last post by Patrick M. Hausen - April 15, 2026, 10:10:21 PMRA always works with multicast. Multicast is a mandatory part of IPv6.
To make sure you at least have the chance that everything works with the bridge as intended, make sure to
- set the two tunables from step 6 of the LAN bridge guide in the docs
- assign the LAN interface with IP addresses (v4 and v6) to the bridge interface and not any of the members
- do not assign any of the member interfaces, especially never configure an IP address on a bridge member
If that is all configured correctly, I do not see why you should not use a 6 port PC as a 5 port "switch" just like any consumer router. Only do not expect 10 G speeds. But 1 G is perfectly fine. The FreeBSD bridge is better than some say.
HTH,
Patrick
To make sure you at least have the chance that everything works with the bridge as intended, make sure to
- set the two tunables from step 6 of the LAN bridge guide in the docs
- assign the LAN interface with IP addresses (v4 and v6) to the bridge interface and not any of the members
- do not assign any of the member interfaces, especially never configure an IP address on a bridge member
If that is all configured correctly, I do not see why you should not use a 6 port PC as a 5 port "switch" just like any consumer router. Only do not expect 10 G speeds. But 1 G is perfectly fine. The FreeBSD bridge is better than some say.
HTH,
Patrick
#8
26.1, 26,4 Series / Firewall log and wireguard log...
Last post by FredFresh - April 15, 2026, 10:10:17 PMSuddenly today the log of the firewall rules and the log of wireguard stopped: both stopped to update / add lines.
I tried a couple of time to reboot, no solution.
Tried to switch off and wait a couple of minute before to restart, still no solution.
I am using the 26.1.6
Any suggestion?
I tried a couple of time to reboot, no solution.
Tried to switch off and wait a couple of minute before to restart, still no solution.
I am using the 26.1.6
Any suggestion?
#9
25.7, 25.10 Legacy Series / Re: Android 16 and NDP cache
Last post by nero355 - April 15, 2026, 10:08:11 PMQuote from: reinob on April 15, 2026, 09:49:32 PMOriginally I thought that having 6 ports directly on the firewall mini-PC (the brand is "sharedvi" and has 6x i226) would be cool, but now I see that the Unix philosophy always wins, and I should have bought a 2-port thing and a proper switchI disagree : It's great to have one NIC Port for each Network and maybe only use the 6th one for assigning VLAN Interfaces to it :)
I have done the same with the 4 NIC Ports that my OPNsense has :
- NIC Port 0 = WAN
- NIC Port 1 = Default LAN as Management Network for all devices.
- NIC Port 2 = Home Network
- NIC Port 3 = Guest VLAN Interface assigned and any other stuff in the future...
#10
General Discussion / Re: Ubiquity Cloud Fiber Gatew...
Last post by t84a - April 15, 2026, 09:58:48 PMQuote from: patient0 on April 15, 2026, 08:02:35 PMQuote from: t84a on April 15, 2026, 04:24:06 PMAnyone have any experience with these? I'm looking to migrate from OPNSense to one. ThanksMaybe the UI community forum, https://community.ui.com/ ?
Having said that, I do use a not-cloud Fiber Gateway (UXG-Fiber). Price/performance is great but of course not as many features as OPNsense. I use Technitium for DNS and don't use IDS at all + some region blocking (but not really necessary since I don't have any web services accessible from the internet). IPv6 is missing features but generally works.
What features are using on your OPNsense?
Not many. I'm not having the success with OPNSense as others and haven't had luck getting help. Thanks
