Recent posts

#91

Hardware and Performance / Re: [solved] Intel i226 Firmwa...

Last post by BrandyWine - Today at 03:20:09 AM

@mikey313
ID 303 is a way old 2MB firmware, #2 in historical list of 6.

I know for sure, there's an enormous amount of 226's out there running on problematic NVM. If only more people knew about the fix. ;)

#92

Hardware and Performance / Re: Wireless

Last post by stanps - Today at 01:15:19 AM

Thanks for the input!  I'll check it out.

#93

26.1 Series / Re: WAN over LTE modem

Last post by nero355 - Today at 01:07:33 AM

I think you are looking for the following OPNsense Documentation pages :

- https://docs.opnsense.org/manual/interfaces.html#mobile-networking
- https://docs.opnsense.org/manual/how-tos/cellular.html
- https://docs.opnsense.org/manual/how-tos/multiwan.html

:)

#94

26.1 Series / Re: Divert mode "Write to ipfw...

Last post by nero355 - Today at 12:49:04 AM

I'm sorry but i have no idea how to implement the patch, can you please hint how to do that?

See : https://github.com/opnsense/core/issues/9712#issuecomment-3866792301 ;)

#95

General Discussion / Re: OPNsense 26.1.1 with Adgua...

Last post by nero355 - Today at 12:42:40 AM

I did read over that entire HOWTO but it doesn't match up to the current GUI.

It should not be that hard to fix that IMHO by browsing around a bit on the OPNsense webGUI ?!

For example :

And under Firewall NAT there is no longer anything mentioned about "Port Forward".

Has been renamed to 'Destination NAT' as you can see here : https://forum.opnsense.org/index.php?topic=50472.0 ;)

There is no "General DNS Resolver Options" anymore that I can find under Unbound General settings.

I do not use OPNsense for DNS so you will have to figure out that one yourself.

[25.7.11_9]

#96

26.1 Series / Re: 26.1.1 MTU Issues on PPPoE

Last post by Taunt9930 - Today at 12:06:11 AM

Changed the title - my issues seem to be across IPv4 and IPv6 and relate to the MTU implementation (somehow) on 26.1.1. I have 1508 MTU Set on my PPPoE WAN Interface (Calculated PPP: 1500) and that has worked forever. When I upgrade to 26.1.1 I have MTU/MSS related issues. I can flip back and forth from 25.7.11_9 to 26.1.1 and the issue is entirely repeatable on 26.1.1.

If I run the Path MTU Discovery Test, it illustrates the issue - http://pmtud.enslaves.us/

Attached screenshots

25.7.11_9 - IPv4 MSS OK to 1460, and IPv6 MSS OK to 1440 (as expected)

26.1.1 - IPv4 MSS 536, and IPv6 MSS 1220

Something is amiss and this is entirely repeatable.

Has something changed in the implememtation of Mini Jumbo on the WAN Interface?

#97

German - Deutsch / IPSec Site2Site (Connections) ...

Last post by cklahn - February 09, 2026, 11:44:44 PM

Hallo Forum,

in der Dokumentation und in Youtube findet man nur Beispiele, wo beide Seiten eine feste IP haben müssen. Damals unter den Legacy-Einstellungen konnte man auch wählen, welche OPNsense den Verbindungsversuch startet. Damit war es möglich an einem Anschluss, der keine feste öffentliche IP hatte dieser Box zu sagen, dass sie den Verbindungsaufbau initiieren sollte.

Wie kann ich es mit den Connections realisieren?

#98

Q-Feeds (Threat intelligence) / Re: Unable to add Q Feed IPs t...

Last post by janfosu - February 09, 2026, 11:34:46 PM

Update: Just rebooting the firewall seemed to fix this issue.

Glad it's working again after the reboot! We're curious though if more users have experienced this?

Thanks, that is true, I had the same error, rebooted (thanks lionflower) it is fine now. This was a new clean install of V26.1.1 on hardware.

#99

General Discussion / dnsmasq - no address range ava...

Last post by CaskAle - February 09, 2026, 11:28:01 PM

I recently migrated my opnsense to the newed default of using dnsmasq along with unbound.  I am using both ipv4 and ipv6 across 4 vlans.  All is mostly working fine however, my dnsmasq log is innundated with the followoing warning. "no address range available for DHCPv6 request via igb3"  In my case, igb3 is my WAN interface.I am getting them at least one per minute.  My WAN interface is getting its ipv6 address from the isp directly via DHCP and I am thinking I should not need to include an address range in dnsmasq for this inteface?  I tried disabling the wan interface in the dnsmasq general settings but then nothing worked.  Is there a way to get this warning addressed properly.  I realize it is just a waring but I like to try and have everything working as designed.  Also, its rather hard to look for real errors in the log when it is full of these warnings.

Any help is greatly appreciated, thanks
troy

#100

25.7, 25.10 Series / Issues after Migration - OPNSe...

Last post by seroal - February 09, 2026, 11:15:38 PM

Hi there,

I´m currently trying to migrate our test OPNSense Installation with multiple IKEv2 VPNs running to our new hardware with OPNSense Business 25.10. I imported the configuration on the new hardware, and always when switching over to the new hardware with OPNSense business version, all of the tunnels are running fine, except one. This one tunnel is one where the remote site is with a dynamic ip adress. The tunnel will not connect at all. With the current active system on the HQ using Community Edition 25.7.7, I can get it running all the time. Sometimes, after switching back from the new hardware, it seems to be necessary to reset the tunnel on the remote site. I also updated the IPSec Client side from 25.1 to 26.1.1, but nothing changed.


What could be the reason for this? I´m not fully convinced by using IPSec for such a use case here, but it was more like we had to move from a static pub ip to ad natted (rotuer in front) network.


Any ideas, why this only connection has such an issue, after the migration? I think I exported the configuration from the 25.1.11 community version and imported it to the mentioned 25.10.  Could this be an issue?


After the import on the OPNSense business Edition I only changed some interface assignments and I also configured HA.



Are there recommendations to setup such a remote dynamic client?



Thanks.