"Recent posts
#1
Hardware and Performance / Re: cpu-microcode-intel: no ma...
Last post by BrandyWine - Today at 07:51:10 PMThe fixed package looks good, it now has 06-9a-04.80
Just not sure the .80 is the fix for the issue in post #1.
Manually download/install the pkg, then lets see what happens.
Just not sure the .80 is the fix for the issue in post #1.
Manually download/install the pkg, then lets see what happens.
#2
26.1, 26,4 Series / Re: FreeBSD 15.1 will be relea...
Last post by newsense - Today at 07:23:58 PMThe bigger change might actually be openssl 3.5.x in 26.7 for the packages, and it can already be tested:
1) Take a snapshot
2) in Firmware Settings set the custom repository snapshots/openssl35
Check for updates and reboot at the end.
( There's no need to select development in Firmware settings, only set the custom repository )
I'm running on OpenSSL 3.5.6 for a week with what is essentially 26.1.8 (plus a handful of patches that will be officially released in 26.1.9) with WireGuard, OpenVPN and IPsec
P.S. If having mimugmail packages installed don't change the openssl version or those packages ( example Unifi) will be uninstalled.
AGH will be fine as it handles SSL without dependencies on OPNsense packages.
1) Take a snapshot
2) in Firmware Settings set the custom repository snapshots/openssl35
Check for updates and reboot at the end.
( There's no need to select development in Firmware settings, only set the custom repository )
I'm running on OpenSSL 3.5.6 for a week with what is essentially 26.1.8 (plus a handful of patches that will be officially released in 26.1.9) with WireGuard, OpenVPN and IPsec
P.S. If having mimugmail packages installed don't change the openssl version or those packages ( example Unifi) will be uninstalled.
AGH will be fine as it handles SSL without dependencies on OPNsense packages.
#3
Hardware and Performance / Re: CPU Recommendations?
Last post by XrayDoc88 - Today at 07:06:57 PMThanks. I hadn't heard of Silver Peak. Looking on Ebay, I don't see any mention of 10G ports nor SFP+ ports however.
#4
26.1, 26,4 Series / Re: FreeBSD 15.1 will be relea...
Last post by sopex - Today at 06:48:34 PMQuote from: mooh on Today at 06:19:59 PMQuote from: Patrick M. Hausen on Today at 04:02:40 PMOPNsense business editions are released in April and October.Isn't the business edition always based on the preceding community edition? Say, the CE doesn't adopt FreeBSD 15.1 in July, then the BE won't be based on it either, right?
Something must seriously go wrong for CE not to get 15.1
But yes, if CE doesn't get it, BE won't get it
#5
26.1, 26,4 Series / Re: FreeBSD 15.1 will be relea...
Last post by Patrick M. Hausen - Today at 06:45:12 PMQuote from: mooh on Today at 06:19:59 PMIsn't the business edition always based on the preceding community edition?
Yes.
Quote from: mooh on Today at 06:19:59 PMSay, the CE doesn't adopt FreeBSD 15.1 in July, then the BE won't be based on it either, right?
Most probably.
As I wrote FreeBSD releases and OPNsense releases are not in any way coupled.
#6
Hardware and Performance / Re: CPU Recommendations?
Last post by rumshot - Today at 06:30:58 PMHey Mate,
Not sure if that would help you, but i've bought a EC-S (silver peak) on ebay, with interfaces 10gb and reused it with opnsense. Im extremelly happy with opnsense and im using my 3 gateways with wireguard for 1 month and no issues.
Im running all kind of plugins, ids/ips, zenarmor, avocado, papaya and i just have 20% of memory used.
Check on ebay and be happy.
ps: regarding opnsense... i never had any regret after installed it. I cant say the same about pfsense.... maybe skin thing, but i hated it.
Not sure if that would help you, but i've bought a EC-S (silver peak) on ebay, with interfaces 10gb and reused it with opnsense. Im extremelly happy with opnsense and im using my 3 gateways with wireguard for 1 month and no issues.
Im running all kind of plugins, ids/ips, zenarmor, avocado, papaya and i just have 20% of memory used.
Check on ebay and be happy.
ps: regarding opnsense... i never had any regret after installed it. I cant say the same about pfsense.... maybe skin thing, but i hated it.
#7
Zenarmor (Sensei) / Re: Zenarmor and local hostnam...
Last post by rumshot - Today at 06:25:40 PMThanks !!
I'm indeed using free version. I was expecting this works under free ...
Anyway, i will ask them a trial.
10 isnt too much, but at the same time, i would like to see it working first.
I'm indeed using free version. I was expecting this works under free ...
Anyway, i will ask them a trial.
10 isnt too much, but at the same time, i would like to see it working first.
Quote from: Vilhonator on Today at 01:57:34 PMYou need paid subscription (like home which is 10€ a month) for it.
If you have paid subscription, then here are steps I could find.
- Go to Settings -> DNS Enrichment.Toggle on Perform real-time DNS reverse queries for local IP addresses. Under DNS Enrichment for Reports, add the IP address of your local DNS server. Save your changes and restart the Zenarmor engine from the dashboard
- Go to Services -> Unbound DNS -> Overrides in your OPNsense UI.Add Host Overrides for your client devices to map their names to their static IP addresses.
- Go to Services -> Unbound DNS -> Overrides in your OPNsense UI.Add Host Overrides for your client devices to map their names to their static IP addresses.
- Ensure you haven't accidentally masked your IP addresses. In the Zenconsole, check your Privacy Settings and make sure Anonymize local IP address is toggled OFF.
- If you are still seeing IPs or MAC addresses, you may need to clear your reporting database/cache to force a fresh look-up using the new DNS settings.
If that fails, then contact zenarmor support for further guidance.
Anyway, since you didn't mention wether you are using free version or not, I assume you are using free version and that's why it doesn't work
#8
26.1, 26,4 Series / Re: FreeBSD 15.1 will be relea...
Last post by mooh - Today at 06:19:59 PMQuote from: Patrick M. Hausen on Today at 04:02:40 PMOPNsense business editions are released in April and October.Isn't the business edition always based on the preceding community edition? Say, the CE doesn't adopt FreeBSD 15.1 in July, then the BE won't be based on it either, right?
#9
German - Deutsch / Re: Agfeo730 IT hinter OPNsens...
Last post by meyergru - Today at 05:41:00 PMSo, wie es aussieht, ist mindestens einer der beiden NICs ein Realtek, dafür gibt es ein Plugin (os-realtek-re) mit einem verbesserten Treiber. Teilweise haben diese Geräte unabhängig vom eingesetzten NIC mit Sleep States Probleme, was das Knacken erklären könnte. Man kann ASPM per hw.pci.enable_aspm=0 abschalten.
Dazu die üblichen Verdächtigen: RSS einschalten..., siehe hier: https://forum.opnsense.org/index.php?topic=42985.0
Dazu die üblichen Verdächtigen: RSS einschalten..., siehe hier: https://forum.opnsense.org/index.php?topic=42985.0
#10
General Discussion / Re: Wireguard Flint 2 VPN Serv...
Last post by patient0 - Today at 05:37:01 PMThis is an OPNsense (FreeBSD based router) forum.
You are better of asking the GL-iNet forum (https://forum.gl-inet.com/) if you are running the official GL-iNet firmware or the OpenWRT forum (https://forum.openwrt.org/) if - and only if - you are running the official OpenWRT firmware.
You are better of asking the GL-iNet forum (https://forum.gl-inet.com/) if you are running the official GL-iNet firmware or the OpenWRT forum (https://forum.openwrt.org/) if - and only if - you are running the official OpenWRT firmware.
