Recent posts

Pages1 2 3 ... 10
#1
General Discussion / Re: Hello all! And thank you ...
Last post by BrandyWine - Today at 04:21:17 AM
Quote from: sopex on June 09, 2026, 05:28:05 PMDoes the firewall itself have internet access?
Also, since you are a beginner I would first try opnsense on the actual hardware, except if you already have proxmox experience.
.........  and, ....... at least read all the official OPNsense documentation, as there's plenty to read.
#2
Hardware and Performance / Re: Sanity check for N100 / i2...
Last post by pfry - Today at 02:03:29 AM
I didn't have PCI-e clock on my bingo card. I probably should have, as I have an AMD B650 system where its e810 card will not run at 16Gt/s (v4) in a CPU slot, but will in the chipset slot (the two available slots are both x4). So I habitually look at pciconf when I put together FreeBSD/OPNsense systems.
#3
General Discussion / Re: Hello all! And thank you ...
Last post by nero355 - Today at 01:10:54 AM
Quote from: donkeydiq on June 09, 2026, 05:06:37 PMI am completely lost.
It seems your ENTER key got lost too :P

Anyways...

Read this : https://forum.opnsense.org/index.php?topic=44159.0
If you are going to continue with the Proxmox VM setup for OPNsense :)

The best thing you can do is read both the Proxmox and OPNsense Documentation and try to learn how everything works together.
There is no other way IMHO because when stuff stops working it's YOU who needs to know how to fix it!
#4
General Discussion / Re: newbie trying to set up ne...
Last post by nero355 - Today at 01:05:44 AM
Quote from: RobertoZ on June 09, 2026, 07:37:11 PMConfigure it to get an automatic IP from upstream DHCP server (OPNsense)
I always do two things :
- Give important devices their own Static IP Address configuration.
- Only configure a Static DHCP Mapping based on the MAC Address as the backup option for that configuration in case something breaks in the OS because of some update or whatever...

I would never use just one of the above on my network(s) :)
#5
Hardware and Performance / Re: Sanity check for N100 / i2...
Last post by nero355 - Today at 12:58:08 AM
Quote from: Ozymandias on June 09, 2026, 06:31:49 PMAfter dabbling with Alpine and going back into the bios I realised that PCIe 1 and 2 were set to Gen1 (I did think I had changed them to Auto a number of years ago). After amending to both to Auto I'm now getting 2.10 Gbits/sec to a public server from OPNsense, 2.12 Gbits/sec from Win11, and 2.35 Gbits/sec OPNsense to Unraid. Thanks for all the input.
LOL! I totally forgot that part! NICE! :)
#6
Virtual private networks / Re: Exclude some local subnets...
Last post by toggenation - Today at 12:26:35 AM
Can get the result wanted by adding the following to the .ovpn file you give to the client

Code Select
redirect-gateway def1 ipv6
route 10.19.80.0 255.255.255.0 net_gateway
#7
German - Deutsch / Re: Protectli VP2430 – 4x 2.5G...
Last post by Jayfrog - June 09, 2026, 11:35:35 PM
Quote from: ziegler on June 05, 2026, 10:38:05 PMIch werde mir jetzt die VP2430 kaufen und meine RAM testen.
Protectli hat den nicht getestet und auf die getesteten Modelle verwiesen.

Coreboot ist aber glaube ich die Empfelung von Protectli.


Ja,korrekt, Protectli empfiehlt Coreboot und Coreboot wird ja ebenfalls aktiv und breit entwickelt, somit sollte der RAM auch funktionieren.

Wenn du noch Teile selbst hast, solltest du aber ohnehin erst das testen was das du hast, weil im schlechtesten Fall muss du auch nur das kaufen was du unter Umständen bei Protectli mit gekauft hättest und die geben auf diese Teile auch keinen besonderen Rabatt.

Es wäre also dumm nicht erst zu testen ob die vorhandene Hardware geht oder nicht. Lg
#8
26.1, 26,4 Series / Re: IPsec/Strongswan CVE-2026-...
Last post by franco - June 09, 2026, 09:49:40 PM
Yep fixed in 6.0.7 so we're looking at that for 26.1.10

https://github.com/strongswan/strongswan/releases/tag/6.0.7
#9
General Discussion / Re: Allow IGMP queries on WAN ...
Last post by dan786 - June 09, 2026, 09:04:38 PM
Comcast and cox is not in my  intermediate area.  Used have dsl but that shifted to cell service and supposedly  fiber in there . Spectrum mainly what it is here. I have noticed with certain rounters they seem to accept igmp from wan  like the flint2 rounters. My network on the small size like yours and i dont have anything that requires that.   
#10
26.1, 26,4 Series / Re: IPsec/Strongswan CVE-2026-...
Last post by Monviech (Cedrik) - June 09, 2026, 08:43:16 PM
Scope of this seems to be pretty contained:

Servers that don't use EAP or XAuth authentication are not vulnerable to remote attacks.
Pages1 2 3 ... 10