"Recent posts
#91
General Discussion / Where should I put the mainten...
Last post by timlab55 - December 02, 2025, 03:32:12 PMI'm sure a lot of people who are new to OpnSense would like to know this as well. For example, and again I say "for example", my home network is on 192.168.75.0/24, and my OpnSense is on 192.168.2.0/24. So where would the maintenance interface go (which ip address)?
#92
25.7, 25.10 Series / Re: 25.7.8 update, lost intern...
Last post by Patrick M. Hausen - December 02, 2025, 02:17:58 PMWhy are you using artificially small networks (/27 and /28) instead of the more generic and default /24?
But anyway can the devices ping the OPNsense interface in their respective network? You also might want to check that the prefix lengths ("netmasks") on OPNsense and the managed devices match and the OPNsense interface is the default gateway for all the clients.
But anyway can the devices ping the OPNsense interface in their respective network? You also might want to check that the prefix lengths ("netmasks") on OPNsense and the managed devices match and the OPNsense interface is the default gateway for all the clients.
#93
German - Deutsch / Re: IT Security Experte Floria...
Last post by Lucas P - December 02, 2025, 02:15:40 PMUm ehrlich zu sein, sieht die Seite für mich maximal unseriös aus.
Zudem wirkt es auf mich so, als würdest du da nur Werbung für machen.
Zudem wirkt es auf mich so, als würdest du da nur Werbung für machen.
#94
25.7, 25.10 Series / Re: 25.7.8 update, lost intern...
Last post by MarieSophieSG - December 02, 2025, 02:12:27 PMHello Patrick,
Thank you for your msg.
As the "disable FW" didn't change anything, I removed this right away, knowing that disabling FW does disable NAT (As clearly mentioned in the app' menu) so I'm back to normal since my last post.
All three interface are distinctives, 1.LAN is 192.168.101.101/27; 3.LAN-WiFi is 192.168.102.101/24; 4.LAN is 192.168.103.101/28
i.e: 1.LAN can't access the NAS on 4.LAN, which is a problem for later.
i.e: 3.LAN-WiFi devices can't access 1.LAN, which is wanted.
The IPs of the devices which can't access through the FW are 192.168.101.103; 192.168.102.103; (and 192.168.102.108 as I noticed later)
All other settings are identical, worked perfectly fine before the update, the DNS are the same for all interfaces; the FW rules are copied from 1.LAN with "allow-all".
Thank you for your msg.
As the "disable FW" didn't change anything, I removed this right away, knowing that disabling FW does disable NAT (As clearly mentioned in the app' menu) so I'm back to normal since my last post.
All three interface are distinctives, 1.LAN is 192.168.101.101/27; 3.LAN-WiFi is 192.168.102.101/24; 4.LAN is 192.168.103.101/28
i.e: 1.LAN can't access the NAS on 4.LAN, which is a problem for later.
i.e: 3.LAN-WiFi devices can't access 1.LAN, which is wanted.
The IPs of the devices which can't access through the FW are 192.168.101.103; 192.168.102.103; (and 192.168.102.108 as I noticed later)
All other settings are identical, worked perfectly fine before the update, the DNS are the same for all interfaces; the FW rules are copied from 1.LAN with "allow-all".
#95
25.7, 25.10 Series / Re: OPNcentral: Provisioning R...
Last post by franco - December 02, 2025, 01:26:04 PMThanks :)
#96
General Discussion / Re: Unable to syncronize NTP h...
Last post by LorneMalvo - December 02, 2025, 01:19:14 PMMy OS are Windows 11. Network time services running, checked on 2 different computers. Checked logs, and they say problems related to network connection.
For trying something different, just downloaded open source NTP client compatible with windows and boom, working fine.. With non native Windows NTP client everything is working perfectly. Even with Firewall rule disabled. It must be a Windows 11 bug.
I'll use this open source client for now. Trully don't trust Windwos 11 stability.
Thank you very much for your kind assistance and all your advice. I'm sorry you lost time on this.
For trying something different, just downloaded open source NTP client compatible with windows and boom, working fine.. With non native Windows NTP client everything is working perfectly. Even with Firewall rule disabled. It must be a Windows 11 bug.
I'll use this open source client for now. Trully don't trust Windwos 11 stability.
Thank you very much for your kind assistance and all your advice. I'm sorry you lost time on this.
#97
25.7, 25.10 Series / Re: OPNcentral: Provisioning R...
Last post by ews - December 02, 2025, 12:58:03 PM #98
General Discussion / Re: Unable to syncronize NTP h...
Last post by Patrick M. Hausen - December 02, 2025, 12:49:53 PMWhat OS are your clients? Do you have a Linux system? If yes, try
please.
Code Select
ntpdate -q <ip of opnsense>please.
#99
General Discussion / Re: Unable to syncronize NTP h...
Last post by LorneMalvo - December 02, 2025, 12:44:10 PMHello,
Changes done. But problem persist, opnsense itself is getting NTP hour, but not LAN clients.
See attached rule, I think it's OK.
Changes done. But problem persist, opnsense itself is getting NTP hour, but not LAN clients.
See attached rule, I think it's OK.
#100
German - Deutsch / Re: Frage bzgl. Unmanaged Swit...
Last post by viragomann - December 02, 2025, 11:29:27 AMQuote from: drosophila on December 02, 2025, 02:46:36 AMDa würde aber kein Unterschied zwischen dem einzelnen Port an der OPNSense Box und der Bündelung herauskommen, weil entweder der Verkehr gar nicht über die OPNSense Box läuft (z.B. für ein NAS), oder durch die Internetanbindung begrenzt ist, und bei Beidem zusammen ja eigentlich auch nicht (da begrenzt dann eher die Verbindung am Rechner). Die Portbündelung würde IMO nur dann etwas bringen, wenn 1) Deine Internetverbindung deutlich schneller ist als der Port an der OPNSense BoxDas kommt darauf an...
Hier geht es um VLANs, für welche OPNsense das Standardgateway ist. Jedes Paket zwischen den VLANs muss die eine Leitung zur OPNsense in beide Richtungen passieren.
Also wenn hier ein entsprechender Traffic zwischen den VLANs zu erwarten ist, macht Bündelung doch Sinn.
Wenn der Zweck der VLAN lediglich ist, das Netzwerk zu segmentieren und den daran angeschlossenen Geräten Internet bereit zu stellen, ist wahrscheinlich eher die Internetanbindung der Flaschenhals und eine zweite Leitung würde nichts bringen.
