"Recent posts
#1
26.1 Series / Re: missing/locked packages
Last post by Diggy - Today at 09:02:56 PMQuote from: Patrick M. Hausen on Today at 08:46:19 PMLocks are just a common icon for VPN related products or services. It's just a UI icon.
In the plugins menu, activate the "show community plugins" switch in the upper right corner.
Awesome. And thank you for the quick replies. :)
#2
26.1 Series / Re: missing/locked packages
Last post by Patrick M. Hausen - Today at 08:46:19 PMLocks are just a common icon for VPN related products or services. It's just a UI icon.
In the plugins menu, activate the "show community plugins" switch in the upper right corner.
In the plugins menu, activate the "show community plugins" switch in the upper right corner.
#3
26.1 Series / missing/locked packages
Last post by Diggy - Today at 08:40:36 PMQuestions about packages and services.
First, what does the locked icon next to the VPN services mean? Are those not available in the Community Edition?
Second, I read about (on a third party site) zabbix-agent, qemu-guest-agent and other packages that I am interested in. I'm not seeing them in the list of packages on my fresh install of OPNsense 26.1. Do I need to add a repository or something? Are they not available in the CE version?
Where can I find a comparison of the CE and Business Edition versions?
First, what does the locked icon next to the VPN services mean? Are those not available in the Community Edition?
Second, I read about (on a third party site) zabbix-agent, qemu-guest-agent and other packages that I am interested in. I'm not seeing them in the list of packages on my fresh install of OPNsense 26.1. Do I need to add a repository or something? Are they not available in the CE version?
Where can I find a comparison of the CE and Business Edition versions?
#4
General Discussion / sophos utm9 migration to OPNse...
Last post by pjottrr - Today at 08:08:58 PMHi all,
a few months ago we started prepping for a migration from sophos utm9 to OPNsense since sophos will end support in june 2026.
we are currently running sophos and opnsense both on a sophos xg 330, ( 2 identical devices)
since sophos is quite different compared to opnsense we decided to export the sophos configuration and using a bunch of scripts to extract the proper data, and import everything via the api.
so far what we have been able to export and import succesfull:
aliasses
allias groups ( it builds groups based on the firewall rules)
services
Services groups , (same as alias groups)
Firewall rules
nat rules
most WAF related things, creating a new ha-proxy config for every virtual webserver.
so i thought, since sophos utm is near EOL, maybe someone else can also benefit from those scripts.
i just started committing to github, so it is empty right now, but i expect the scripts to be there very soon
you can find the proper scripts on my github: https://github.com/pjottrr/sophosutm9_to_OPNsense_migrationtool
If you have any question, just send me a message
my native language is dutch
a few months ago we started prepping for a migration from sophos utm9 to OPNsense since sophos will end support in june 2026.
we are currently running sophos and opnsense both on a sophos xg 330, ( 2 identical devices)
since sophos is quite different compared to opnsense we decided to export the sophos configuration and using a bunch of scripts to extract the proper data, and import everything via the api.
so far what we have been able to export and import succesfull:
aliasses
allias groups ( it builds groups based on the firewall rules)
services
Services groups , (same as alias groups)
Firewall rules
nat rules
most WAF related things, creating a new ha-proxy config for every virtual webserver.
so i thought, since sophos utm is near EOL, maybe someone else can also benefit from those scripts.
i just started committing to github, so it is empty right now, but i expect the scripts to be there very soon
you can find the proper scripts on my github: https://github.com/pjottrr/sophosutm9_to_OPNsense_migrationtool
If you have any question, just send me a message
my native language is dutch
#5
26.1 Series / Re: Domain Overrides for the D...
Last post by Patrick M. Hausen - Today at 07:01:04 PMAh ... yes that was changed some releases ago. Before that it was all in Overrides, now forwarding is separate. My bad.
#6
26.1 Series / Re: Domain Overrides for the D...
Last post by Diggy - Today at 06:54:33 PMOh. I found it. I must be going blind.
Services > Unbound DNS > Query Forwarding.
Services > Unbound DNS > Query Forwarding.
#7
26.1 Series / Re: Domain Overrides for the D...
Last post by Diggy - Today at 06:51:56 PMThanks, but "Services > Unbound DNS > Overrides" isn't what I need. That only allows for individual hosts defined on the opnSense router.
I need the DNS server on opnSense to query specific servers for specific domains rather than starting with the root downward.
For example, we have an internal domain named "example.org". On the DNS server on pfSense we can create an entry that says for "example.org", ask DNS server "192.168.1.100" for anything about/under "example.org".
I need the DNS server on opnSense to query specific servers for specific domains rather than starting with the root downward.
For example, we have an internal domain named "example.org". On the DNS server on pfSense we can create an entry that says for "example.org", ask DNS server "192.168.1.100" for anything about/under "example.org".
#8
26.1 Series / Re: Domain Overrides for the D...
Last post by Patrick M. Hausen - Today at 06:37:41 PMServices > Unbound DNS > Overrides
#9
Hardware and Performance / Re: Adapts to Marvell AQC113C-...
Last post by Seimus - Today at 06:31:27 PMI put my my LAB device into PROD to test it. I wanted to test on my deployment that has LAGGs as well netmap usage.
I found few critical things that are not working. Here are my findings
The working part:
AQ driver loads after boot
NICs get proper MACs
LLDP works per port, properly sending packets
LACP/LAGG can be established, all LACP based flags are properly exchanged and peers are established
The not working part:
When setting VLAN over the LAGG created on AQ no traffic passes
Looks like for some reason when configuring a VLAN over a LAGG created on the AQs traffic is not being passed. I tried with mixed LAGG (intel + AQ) as well non-mixed LAGG (only AQ).
Regards,
S.
I found few critical things that are not working. Here are my findings
The working part:
AQ driver loads after boot
NICs get proper MACs
LLDP works per port, properly sending packets
LACP/LAGG can be established, all LACP based flags are properly exchanged and peers are established
The not working part:
When setting VLAN over the LAGG created on AQ no traffic passes
Looks like for some reason when configuring a VLAN over a LAGG created on the AQs traffic is not being passed. I tried with mixed LAGG (intel + AQ) as well non-mixed LAGG (only AQ).
Regards,
S.
#10
26.1 Series / Domain Overrides for the DNS s...
Last post by Diggy - Today at 06:28:06 PMHi. I am tasked with building a new opnSense router to replace our existing pfSense router.
On the pfSense router we use "Domain Overrides" feature of the DNS server to point to our internal DNS servers for our internal domains. I'm not seeing a similar option in opnSense. Am I missing something? Is there a DNS Server package I need to install for that option? Your guidance and patience is appreciated as I learn the opnSense ways. LOL.
On the pfSense router we use "Domain Overrides" feature of the DNS server to point to our internal DNS servers for our internal domains. I'm not seeing a similar option in opnSense. Am I missing something? Is there a DNS Server package I need to install for that option? Your guidance and patience is appreciated as I learn the opnSense ways. LOL.
