Recent posts

#1

German - Deutsch / OpenVPN Fehlermeldungen beim U...

Last post by superwinni2 - Today at 07:16:48 PM

Hallo ich erhalte beim Update der OPNsense immer folgende Meldungen:

Code Select Expand

***GOT REQUEST TO UPDATE***
Currently running OPNsense 26.1.4 (amd64) at Wed Mar 25 19:06:34 CET 2026
[....]
>>> Invoking update script 'refresh.sh'
Migrated OPNsense\Dnsmasq\Dnsmasq from 1.0.8 to 1.0.9
Migrated OPNsense\Kea\KeaDdns from 0.0.0 to 1.0.0
[OPNsense\OpenVPN\OpenVPN:Overwrites.Overwrite.ccbd4c7e-2ad5-4543-a330-da4033cb25d9.servers] Option [2] not in list.{2}
Model OPNsense\OpenVPN\OpenVPN can't be saved, skip ( OPNsense\Base\ValidationException: [OPNsense\OpenVPN\OpenVPN:Overwrites.Overwrite.ccbd4c7e-2ad5-4543-a330-da4033cb25d9.servers] Option [2] not in list.{2}
 in /usr/local/opnsense/mvc/app/models/OPNsense/Base/BaseModel.php:822
Stack trace:
#0 /usr/local/opnsense/mvc/app/models/OPNsense/Base/BaseModel.php(947): OPNsense\Base\BaseModel->serializeToConfig()
#1 /usr/local/opnsense/mvc/script/run_migrations.php(69): OPNsense\Base\BaseModel->runMigrations()
#2 {main} )
*** OPNsense\OpenVPN\OpenVPN migration failed from 0.0.0 to 1.0.1, check log for details
Flushing all caches...done.
Writing firmware settings: FreeBSD OPNsense
Writing trust files...done.
[.....]
Flushing temporary package files... done
Starting web GUI...done.
***DONE***



Was sind das für Fehler?
Irgendwas mit OpenVPN kann ich herauslesen.

Daher habe ich gedacht ich schaue im FileSystem mal nach ob es dort irgendwas mit Openvpn und dem Instanznamen gibt.
Leider bin ich hier nicht fündig geworden.
Die Instanz 7f5c5a52-c2b4-4e95-9043-41efd883a950 ist meine aktuell einzige Instanz welche bei mir läuft.

Code Select Expand

root@OPNsense1:~ # find / |grep openvpn
/usr/local/include/openvpn-plugin.h
/usr/local/include/openvpn-msg.h
/usr/local/sbin/openvpn
/usr/local/sbin/openvpn-client
/usr/local/lib/openvpn
/usr/local/lib/openvpn/plugins
/usr/local/lib/openvpn/plugins/openvpn-plugin-down-root.so
/usr/local/lib/openvpn/plugins/openvpn-plugin-auth-pam.so
/usr/local/share/licenses/openvpn-2.6.19
/usr/local/share/licenses/openvpn-2.6.19/GPLv2
/usr/local/share/licenses/openvpn-2.6.19/LICENSE
/usr/local/share/licenses/openvpn-2.6.19/catalog.mk
/usr/local/share/man/man5/openvpn-examples.5.gz
/usr/local/share/man/man8/openvpn.8.gz
/usr/local/libexec/openvpn-client.down
/usr/local/libexec/openvpn-client.up
/usr/local/etc/rc.syshook.d/carp/20-openvpn
/usr/local/etc/rc.syshook.d/carp/20-openvpn-instances
/usr/local/etc/rc.syshook.d/start/90-openvpn
/usr/local/etc/inc/plugins.inc.d/openvpn.inc
/usr/local/etc/inc/plugins.inc.d/openvpn
/usr/local/etc/inc/plugins.inc.d/openvpn/dh.rfc7919
/usr/local/etc/inc/plugins.inc.d/openvpn/ovpn-linkdown
/usr/local/etc/inc/plugins.inc.d/openvpn/ovpn-linkup
/usr/local/etc/inc/plugins.inc.d/openvpn/tunnel_endpoint.php
/usr/local/etc/rc.d/openvpn
/usr/local/opnsense/scripts/openvpn
/usr/local/opnsense/scripts/openvpn/client_connect.php
/usr/local/opnsense/scripts/openvpn/client_disconnect.sh
/usr/local/opnsense/scripts/openvpn/kill_session.py
/usr/local/opnsense/scripts/openvpn/ovpn_event.py
/usr/local/opnsense/scripts/openvpn/ovpn_service_control.php
/usr/local/opnsense/scripts/openvpn/ovpn_status.py
/usr/local/opnsense/scripts/openvpn/tls_verify.php
/usr/local/opnsense/scripts/openvpn/user_pass_verify.php
/usr/local/opnsense/service/templates/OPNsense/Syslog/local/openvpn.conf
/usr/local/opnsense/service/conf/actions.d/actions_openvpn.conf
/var/mail/openvpn
/var/etc/openvpn
/var/etc/openvpn/server-7f5c5a52-c2b4-4e95-9043-41efd883a950.crl-verify
/var/etc/openvpn/instance-7f5c5a52-c2b4-4e95-9043-41efd883a950.conf
/var/etc/openvpn/instance-7f5c5a52-c2b4-4e95-9043-41efd883a950.stat
/var/etc/openvpn/instance-7f5c5a52-c2b4-4e95-9043-41efd883a950.sock
/var/etc/openvpn-csc
/var/etc/openvpn-csc/4
/var/db/rrd/openvpn-packets.rrd
/var/db/rrd/openvpn-traffic.rrd
/var/log/openvpn
/var/log/openvpn/latest.log
/var/log/openvpn/openvpn_20260325.log
/var/log/openvpn/openvpn_20260324.log
/var/lib/php/cache/_usr_local_opnsense_mvc_app_views_opnsense_openvpn_cso.volt.php


Viele Grüße

#2

26.1 Series / Wireguard configuration with n...

Last post by marcels - Today at 07:08:11 PM

Hello All,

I have a new installation Opnsense 26.1 with 5 VLANs and configured rules using "new rules". Working well. Now I would like to add Wireguard to access my home network from mobile to Plex server. All tutorials are using former rules but not a new. So question is what is differences between setup with former rules and new?
Is there in 26.1 some automatically created rules when wireguard is enabled? I would like to ask you to point me how to proceed in 26.1.
Thanks a lot

#3

26.1 Series / Re: Upgrade Completely Broke S...

Last post by Netlearn - Today at 06:54:28 PM

Last night I made the mistake of trying to upgrade my system.

Upgrading is not the mistake. Lack of recovery methods is.

Next time, use snapshots at least.

#4

26.1 Series / Re: Private IP PPPOE -OPNSense...

Last post by Javier® - Today at 06:43:08 PM

I'm surprised, it uses Opnsense behind CNGA Double NAT, I don't understand

#5

Virtual private networks / Re: NATing LAN2, but not IPSec...

Last post by viragomann - Today at 06:20:22 PM

I tried to give constructive infos and recommendations though.

Again: Natting on your site is no option to solve this.

#6

25.7, 25.10 Series / Re: Router not having WAN acce...

Last post by justjake - Today at 06:16:36 PM

This is from another device on my opnsense router, not much going on.

#7

26.1 Series / Proper Path To Keep Using ISC-...

Last post by House Of Cards - Today at 06:14:54 PM

Hello,

My recent upgrade failed, and I suspect that the ISC-DHCP plugin may have been the issue.  I had connectivity problems, and I want to try again.

I have a backup of my 25.7 configuration.  Should I install 26.1 fresh and recover the config during install, then run 'pkg install os-isc-dhcp' to make sure the configuration carries over?  Or should I install clean, install the plugin, then restore the configuration?

If that package doesn't install, I suspect that is where my issue arises.   

#8

Virtual private networks / Re: NATing LAN2, but not IPSec...

Last post by ivoruetsche - Today at 06:05:38 PM

It's a bit frustrated to get such replays where are not that constructive. I wouldn't post and invest a lot of try and error time if the solution is that easy like to change the subnet.

This has a reason why I can't change the numbering and sometimes it's just a fact.

Thanks a lot

Ivo

#9

Intrusion Detection and Prevention / Re: IPS/Suricata does not drop...

Last post by RamSense - Today at 05:53:52 PM

to be sure: After you changed the hit from allow to drop, you have to go to [intrusion detection - administration - rules] and hit [Apply]
have you done that?

#10

Hardware and Performance / Re: Debian on DEC4640

Last post by micha - Today at 05:48:06 PM

BIOS or UEFI mode ?

I used dd to transfer the Debian ISO image to the stick. Therefore, I'm assuming it's in BIOS mode.