"Recent posts
#1
General Discussion / Re: VLAN DHCP not working
Last post by viragomann - Today at 07:45:10 PMQuote from: ivpenna on Today at 07:21:04 PMThen I created in OPNSense a VLAN to connect the IoT devices that are in this room. DHCP server is enabled for this interface (192.168.100.0/24This is the LAN subnet. I don't think, you want to connect the devices to LAN.
What's about the access point?
You connected it to a tagged switch port. Hence you have to configure the VLAN on the AP as well.
#2
General Discussion / Re: Micron exits consumer mark...
Last post by qarkhs - Today at 07:24:31 PMQuote from: OPNenthu on December 09, 2025, 07:36:37 PMThe data centers are not employing people, least of all locals. That's a lie. They're bringing in experts to set them up and then they run autonomously more or less.
For those interested in such matters, this just dropped: A discussion of the experience with data centers and jobs in the state of Michigan.
https://www.techpolicy.press/michigan-offers-handouts-for-data-centers-promising-jobs-will-those-jobs-come/
#3
General Discussion / VLAN DHCP not working
Last post by ivpenna - Today at 07:21:04 PMHello!
I'am running an appliance with OPNSense:
Versions
OPNsense 25.7.9-amd64
FreeBSD 14.3-RELEASE-p5
OpenSSL 3.0.18
That's my first time VLAN configuration. First I followed the step showed by this link: https://www.zenarmor.com/docs/network-security-tutorials/how-to-configure-vlan-on-opnsense
That's the overview:
Interfaces:
LAN01: 192.168.1.0/24 (DHCP server enabled) - general purpose)
LAN02: 192.168.100.0/24 (DHCP server enabled - IoT devices)
VLAN01: 192.168.101.0/24 (DHCP server enabled - IoT devices - Parent to LAN01, VLAN TAG 20)
So, there is only one cable that goes to this distant room and it's connected to the LAN01 (blue). Yellow dashed line area shows the devices that must be configured.
https://ibb.co/N6jfbpVD
Then I created in OPNSense a VLAN to connect the IoT devices that are in this room. DHCP server is enabled for this interface (192.168.101.0/24)
https://ibb.co/p6BRXzp6
- Both switches are managed (TP-Link showed in the picture). Here is the configuration.
https://ibb.co/DgDM2Mpv
https://ibb.co/35b81sDN
The IoT devices in this room are not even getting an IP. What am I missing?
Thanks in advance.
I'am running an appliance with OPNSense:
Versions
OPNsense 25.7.9-amd64
FreeBSD 14.3-RELEASE-p5
OpenSSL 3.0.18
That's my first time VLAN configuration. First I followed the step showed by this link: https://www.zenarmor.com/docs/network-security-tutorials/how-to-configure-vlan-on-opnsense
That's the overview:
Interfaces:
LAN01: 192.168.1.0/24 (DHCP server enabled) - general purpose)
LAN02: 192.168.100.0/24 (DHCP server enabled - IoT devices)
VLAN01: 192.168.101.0/24 (DHCP server enabled - IoT devices - Parent to LAN01, VLAN TAG 20)
So, there is only one cable that goes to this distant room and it's connected to the LAN01 (blue). Yellow dashed line area shows the devices that must be configured.
https://ibb.co/N6jfbpVD
Then I created in OPNSense a VLAN to connect the IoT devices that are in this room. DHCP server is enabled for this interface (192.168.101.0/24)
https://ibb.co/p6BRXzp6
- Both switches are managed (TP-Link showed in the picture). Here is the configuration.
https://ibb.co/DgDM2Mpv
https://ibb.co/35b81sDN
The IoT devices in this room are not even getting an IP. What am I missing?
Thanks in advance.
#4
25.7, 25.10 Series / Re: XML backup file not reflec...
Last post by jptferreira - Today at 05:55:10 PMI had to change configurations and create rules to forward to 127.0.0.1. Different configurations made it work fine for openvpn. Need to to continue and try with ipsec, Will post result.
#5
25.7, 25.10 Series / Re: Error popup: The release t...
Last post by franco - Today at 05:39:54 PMhttps://github.com/opnsense/changelog/blob/master/community/25.7/25.7.6#L9-L14
It will forever be the most critical cosmetic stain on the firmware upgrade code in a ten year project history. If we could influence the behaviour of the package manager we would have, but it's basically a choice someone else made.
The package manager isn't bad at all, but sometimes you can see that Unix tools are written to be operated by people who can tolerate a different output. In this case the GUI which hasn't changed in years couldn't handle the new pkg behaviour. It was fixed immediately, but it requires an update which requires a package manager update which requires a time machine so I can go back in time and fix 25.7 just so that the bug would never appear.
Also a short shoutout to the console update which is immune to such package manager oddities on upgrades. That's how it was designed as it doesn't have to read the list of packages to be updated to display it to the user.
Just my 2 cents for due diligence. Don't take it too seriously.
Cheers,
Franco
It will forever be the most critical cosmetic stain on the firmware upgrade code in a ten year project history. If we could influence the behaviour of the package manager we would have, but it's basically a choice someone else made.
The package manager isn't bad at all, but sometimes you can see that Unix tools are written to be operated by people who can tolerate a different output. In this case the GUI which hasn't changed in years couldn't handle the new pkg behaviour. It was fixed immediately, but it requires an update which requires a package manager update which requires a time machine so I can go back in time and fix 25.7 just so that the bug would never appear.
Also a short shoutout to the console update which is immune to such package manager oddities on upgrades. That's how it was designed as it doesn't have to read the list of packages to be updated to display it to the user.
Just my 2 cents for due diligence. Don't take it too seriously.
Cheers,
Franco
#6
25.7, 25.10 Series / Re: Error popup: The release t...
Last post by olluz - Today at 05:02:31 PMCan't find where it is documented, can you please share a link ?
I find it irritating to deliberately try to confuse new users with something that looks like a bug right after installing OPNsense, but that is just my 2 cents.
I find it irritating to deliberately try to confuse new users with something that looks like a bug right after installing OPNsense, but that is just my 2 cents.
#7
25.7, 25.10 Series / XML backup file not reflecting...
Last post by jptferreira - Today at 04:57:17 PMI've found several issues where I can't have openvpn sharing the same main public ip and because I've a 3CX instance (working fine), everytime a vpn client connects it shows on the logs that it is forwarded to the 3cx internal IP. There are no rules for it anywhere.
I've older releases working fine. This is the 25.10 and I"m stuck as I can't setup a ipsec tunnel or openvpn for clients.
I tried to switch openvpn to another public but while it shows the changes in the web interface still doesn't work and those changes aren't applied even on the xml backup file.
Any ideas how to overcome this issue?
Thanks!
I've older releases working fine. This is the 25.10 and I"m stuck as I can't setup a ipsec tunnel or openvpn for clients.
I tried to switch openvpn to another public but while it shows the changes in the web interface still doesn't work and those changes aren't applied even on the xml backup file.
Any ideas how to overcome this issue?
Thanks!
#8
25.7, 25.10 Series / Re: os-OPNWAF / Exchange 2019 ...
Last post by Monviech (Cedrik) - Today at 04:47:07 PMI already have the UTM files, we just have to go through the differences one by one.
How about as next step we only create a single location:
Remove all of the "Location /..." blocks until "#End ExchangeHttps" (so in autodiscover. and in mail. ...)
Just create a single one with /.
So e.g.
How about as next step we only create a single location:
Remove all of the "Location /..." blocks until "#End ExchangeHttps" (so in autodiscover. and in mail. ...)
Just create a single one with /.
So e.g.
Code Select
<Location />
ProxyPass https://10.10.10.5/ connectiontimeout=900
ProxyPassReverse https://10.10.10.5/
</Location>
#9
25.7, 25.10 Series / Re: os-OPNWAF / Exchange 2019 ...
Last post by humnab - Today at 04:34:53 PMHello,
commenting the both lines out + service apache24 restart also didn't help in our environment:
cat /usr/local/etc/apache24/Includes/gateway_vhosts.conf | grep "Redirect / /owa/"
# Redirect / /owa/
# Redirect / /owa/
The popups still appear.
For our environment the problem was from the beginning with OPNWAF, but the opnsense runs onyl sinde 2 weeks...
We can debug or give you access to the firewall, for now the opnsense runs parallel to the UTM and is not really in use from internal or external (default GW is still the UTM, the DNS Records point to the UTM public IPs, when I test the OPNWAF I edit my hosts file)
commenting the both lines out + service apache24 restart also didn't help in our environment:
cat /usr/local/etc/apache24/Includes/gateway_vhosts.conf | grep "Redirect / /owa/"
# Redirect / /owa/
# Redirect / /owa/
The popups still appear.
For our environment the problem was from the beginning with OPNWAF, but the opnsense runs onyl sinde 2 weeks...
We can debug or give you access to the firewall, for now the opnsense runs parallel to the UTM and is not really in use from internal or external (default GW is still the UTM, the DNS Records point to the UTM public IPs, when I test the OPNWAF I edit my hosts file)
#10
General Discussion / Re: Micron exits consumer mark...
Last post by Greg_E - Today at 03:53:46 PMQuote from: OPNenthu on December 09, 2025, 07:36:37 PMThe data centers are not employing people, least of all locals. That's a lie. They're bringing in experts to set them up and then they run autonomously more or less.
Now if the politicians throwing money at these projects would listen to this, one of the great selling points would be lost.
