"Recent posts
#81
Announcements / Re: OPNsense 25.7.7 released
Last post by franco - November 07, 2025, 04:30:13 PMA hotfix release was issued as 25.7.7_4:
o ui: bootgrid: prevent full table redraw without onDataProcessed trigger
o ui: bootgrid: add missing datakeys to two pages
o ui: bootgrid: prevent full table redraw without onDataProcessed trigger
o ui: bootgrid: add missing datakeys to two pages
#82
Tutorials and FAQs / [HOWTO] Installing OPNsense on...
Last post by LGDL - November 07, 2025, 04:29:18 PMI recently got three Velocloud EDGE 510 routers and installed OPNSense following the information from this previous post:
https://old.reddit.com/r/opnsense/comments/1mv3how/repurpose_velocloud_edge_510_router_wopnsense/
A few things changed and I was blocked at two spots, for some reason the default root password didn't work for me, etc. So I documented everything in detail including what didn't work for me, I hope it's useful and it encourages more people to try OPNsense with real hardware.
BTW if anyone knows where to start looking to have the ability to change the LED color, I'dlove to use that for some notifications, including after boot (I miss the sound other hardware do at boot) !
https://old.reddit.com/r/opnsense/comments/1mv3how/repurpose_velocloud_edge_510_router_wopnsense/
A few things changed and I was blocked at two spots, for some reason the default root password didn't work for me, etc. So I documented everything in detail including what didn't work for me, I hope it's useful and it encourages more people to try OPNsense with real hardware.
BTW if anyone knows where to start looking to have the ability to change the LED color, I'dlove to use that for some notifications, including after boot (I miss the sound other hardware do at boot) !
#83
German - Deutsch / Anfängerfrage: bekomme keine V...
Last post by H1N1 - November 07, 2025, 04:22:47 PMBin OPNsense-Umsteiger (von pfSense). Ich habe ein sehr einfaches Setup: eine Fritzbox, die mit dem WAN Interface der OPNsense verbunden ist (192.168.123.11/24) und das LAN-Interface ist mit dem LAN Segment verbunden (192.168.111.1/24). Ich möchte nun eine RDP-Verbindung von einem Windows Rechner im WAN (192.168.123.30) zu einem Rechner im LAN (192.168.111.111) aufbauen. Ich habe dazu eine Route im Windows Rechner im WAN angelegt, so dass alle Verbindungen zum LAN Segment über das WAN-Interface der OPNsense geroutet werden.
In der pfSense ist so etwas denkbar einfach: entsprechende Firewall-Regel fürs WAN Interface anlegen -> fertig -> funktioniert.
Leider bekomme ich mit der OPNsense keine Verbindung, weil sie blockiert wird. Die OPNsense legt automatische Firewall-Regeln an, die oberste fürs WAN-Interface ist ein "blockiere allen eingehenden IPv4 und IPv6 Traffic". Meine eigene "allow-Regel" kann nicht wirken, weil sie ganz unten eingereiht wird und nicht nach oben verschoben werden kann; die automatische Blockier-Regel kann auch nicht gelöscht werden.
Ich habe nun gelesen, dass man statt der Firewall Regel eine NAT-Regel anlegen muss; leider funktioiert das genausowenig. Habe stundenlang alle möglichen Einstellungen versucht und bin verzweifelt!
Kann jemand helfen?
In der pfSense ist so etwas denkbar einfach: entsprechende Firewall-Regel fürs WAN Interface anlegen -> fertig -> funktioniert.
Leider bekomme ich mit der OPNsense keine Verbindung, weil sie blockiert wird. Die OPNsense legt automatische Firewall-Regeln an, die oberste fürs WAN-Interface ist ein "blockiere allen eingehenden IPv4 und IPv6 Traffic". Meine eigene "allow-Regel" kann nicht wirken, weil sie ganz unten eingereiht wird und nicht nach oben verschoben werden kann; die automatische Blockier-Regel kann auch nicht gelöscht werden.
Ich habe nun gelesen, dass man statt der Firewall Regel eine NAT-Regel anlegen muss; leider funktioiert das genausowenig. Habe stundenlang alle möglichen Einstellungen versucht und bin verzweifelt!
Kann jemand helfen?
#84
25.7, 25.10 Series / Re: Bug? 25.7.7_2 - IPSec > le...
Last post by Monviech (Cedrik) - November 07, 2025, 02:50:27 PMThis fixes the issue:
# opnsense-patch https://github.com/opnsense/core/commit/3ba41cc5b05a762ec9b26e99ec12a74c0039888a
# opnsense-patch https://github.com/opnsense/core/commit/3ba41cc5b05a762ec9b26e99ec12a74c0039888a
#85
High availability / Re: Red Square in /ui/core/has...
Last post by Patrick M. Hausen - November 07, 2025, 02:36:35 PM1. System > HA > Settings --> the config sync IP address must be empty on the backup node
2. System > HA > Settings --> enable syncing of certificates
2. System > HA > Settings --> enable syncing of certificates
#86
High availability / Re: Red Square in /ui/core/has...
Last post by Zugschlus - November 07, 2025, 02:22:23 PMQuote from: Patrick M. Hausen on November 07, 2025, 01:27:39 PMMost certainly not - I hope you did not configure a synchronise config IP address on the backup node?
I dont quite understand that. What do you mean?
Quote from: Patrick M. Hausen on November 07, 2025, 01:27:39 PMSo the only thing I can picture is wrong timing - sync and restart OpenVPN first, then certificates, so OpenVPN cannot start on the backup. Syncing twice should fix that. But ten minutes ... no idea.
I did it more than twice. And there is nothing explicitly syncing certificates and CAs in the config:
You cannot view this attachment.
Greetings
Marc
#87
Zenarmor (Sensei) / Re: Zenarmor, NextDNS & Apple ...
Last post by sy - November 07, 2025, 02:20:01 PMHi n0ahg,
I have reviewed, and there are no new or unanswered requests. I've sent a private message to your forum account.
I have reviewed, and there are no new or unanswered requests. I've sent a private message to your forum account.
#88
25.7, 25.10 Series / Re: Create a cron job
Last post by FredFresh - November 07, 2025, 02:07:49 PMI create here /usr/local/opnsense/service/conf/actions.d the file actions_VPN_GW_CZ_routes.conf
inside there is this
[trace]
command:traceroute -s 192.168.2.1 10.2.2.1
parameters:
type:script
message:automatic traceroute to VPN CZ gateway
description:automatic traceroute to VPN CZ gateway
I reset the service using
service configd restart
I can see the new line in the CRON drop down menu
But if I try to run
configctl VPN_GW_CZ_routes trace
It returns
Action not allowed or missing
What I am doing wrong?
thanks
inside there is this
[trace]
command:traceroute -s 192.168.2.1 10.2.2.1
parameters:
type:script
message:automatic traceroute to VPN CZ gateway
description:automatic traceroute to VPN CZ gateway
I reset the service using
service configd restart
I can see the new line in the CRON drop down menu
But if I try to run
configctl VPN_GW_CZ_routes trace
It returns
Action not allowed or missing
What I am doing wrong?
thanks
#89
25.7, 25.10 Series / Re: Unbound only resolve IPv6 ...
Last post by payback007 - November 07, 2025, 01:46:29 PMProblem is gone again after migration at my internet provider back to real dual stack configuration. So it seems there was a topic from Unbound with DSlite-stack.
#90
25.7, 25.10 Series / FTP Proxy Howto
Last post by Louis - November 07, 2025, 01:40:07 PMHi all.
I have configured os-ftp-proxy plugin according this howto https://forum.opnsense.org/index.php?topic=3868.0
It works fine as expected. Access to external ftp server works.
Is it also possible to access a privat FTP server to a privat LAN on a remote Network connect though a wireguard tunnel?
I have configured os-ftp-proxy plugin according this howto https://forum.opnsense.org/index.php?topic=3868.0
It works fine as expected. Access to external ftp server works.
Is it also possible to access a privat FTP server to a privat LAN on a remote Network connect though a wireguard tunnel?
