Unable to Connect to Preconfigured Protectli Vault with OPNsense

[aleco]

Hi OPNsense community,

I’m a complete novice and could really use some help setting up my Protectli Vault preconfigured with OPNsense. It was just delivered, but I’m stuck trying to connect. I’ve searched everywhere and can’t find clear steps for the initial setup. Here’s what I’ve tried so far:

1. Ethernet Connection (Firewall to Router):
I connected Port 1 of the firewall to my Linksys Velop router. The firewall was assigned the IP 192.168.1.201, and the router shows an OPNsense device at this IP. However, trying to SSH (ssh root@192.168.1.201) results in a timeout.

2. Web Interface Access:
I attempted to access the web UI at the IP the firewall was assigned via https://192.168.1.201, but no luck.

3. Serial Console (via CoolTerm):
I used the provided COM port cable, connected it to my MacBook Air, and used CoolTerm. The settings are 115200/8-N-1, and it shows the RTS and DTR indicators as active (green). While it shows I’m connected and the byte count increases when I press Enter, the screen remains blank. Other baud settings (e.g. 9600) didn't help either.

4. Direct Ethernet Connection (Mac to Firewall):
I connected my MacBook Air via a Belkin 2,5G Ethernet dongle to Port 4 of the firewall, disabling all other network interfaces in macOS. My Mac assigned a self-assigned IP (169.254.147.18), and I still couldn’t reach the firewall.

Unfortunately, I don’t have an HDMI screen or a USB keyboard to connect directly to the device. I’ve taken a day off to set up the firewall, but I can’t even connect to it. I would greatly appreciate any advice on what I should try next.

Thanks in advance for your help!

[Patrick M. Hausen]

Try switching the connections to the LAN and WAN ports.

[aleco]

Thanks. I tried rebooting, then CoolTerm displayed a lot of garbled characters like:

Code: [Select]

;44H∫∫∫∫∫∫∫1. Boot Multi user [Enter][12;5)

I then installed minicon via brew, connected and rebooted and now am displayed:

Code: [Select]

______  _____  _____
            /  __  |/ ___ |/ __  |
            | |  | | |__/ | |  | |___  ___ _ __  ___  ___
            | |  | |  ___/| |  | / __|/ _ \ '_ \/ __|/ _ \
            | |__| | |    | |  | \__ \  __/ | | \__ \  __/
            |_____/|_|    |_| /__|___/\___|_| |_|___/\___|

 ����������������������[22;3H���������������������[10;2H@@@@@@@@@@@@@@@@@@@@@
                                               @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
    1. Boot Multi user [Enter]                 @@@@@                    @@@@@
    2. Boot Single user                            @@@@@            @@@@@
    3. Escape to loader prompt                  @@@@@@@@@@@       @@@@@@@@@@@
    4. Reboot                                        \\\\\         /////
    5. Cons: Serial                            ))))))))))))       (((((((((((
                                                     /////         \\\\\
    Options:                                    @@@@@@@@@@@       @@@@@@@@@@@
    6. Kernel: default/kernel (1 of 1)             @@@@@            @@@@@
    7. Boot Options                            @@@@@                    @@@@@
                                               @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
                                               @@@@@@@@@@@@@@@@@@@@@@@@@@@@

   Autoboot in 0 seconds. [Space] to pause         24.1   ``Savvy Shark''    -
I'll search how to continue from here. I'm unsure how to do the setup now. I will try to stop the auto boot and then try all the boot options, hoping that one will lead me to the setup.

[aleco]

Sigh, in multi user boot it will boot but remain without login prompt. In single user boot it will drop me into the shell, but trying to run the installer leads to:

Code: [Select]

root@:/ # opnsense-installer
mkdir: /tmp/bsdinstall_etc: Read-only file system
mkdir: /tmp/bsdinstall_boot: Read-only file system
/usr/sbin/bsdinstall: cannot create /tmp/bsdinstall_log: Read-only file system
I really wish I could find an installation guide for preinstalled setups.

[aleco]

What a challenge. I'm staring at this and cannot figure out how to initiate the installer:

Code: [Select]

>>> Invoking start script 'newwanip'
>>> Invoking start script 'freebsd'
>>> Invoking start script 'syslog'
>>> Invoking start script 'carp'
>>> Invoking start script 'cron'
Starting Cron: ^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[AOK
>>> Invoking start script 'openvpn'
>>> Invoking start script 'sysctl'
Service `sysctl' has been restarted.
>>> Invoking start script 'beep'
^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[B^[[BRoot file system: zroot/ROOT/default
Wed Sep 11 11:41:13 UTC 2024

*** OPNsense.localdomain: OPNsense 24.1 ***

 LAN (igc1)      -> v4: 192.168.1.1/24
 WAN (igc0)      ->

 HTTPS: SHA256 58 54 ** ** ** ** ** ** ** ** ** ** ** 36 0A A8
               EC D9 ** ** ** ** ** ** ** ** ** ** ** ** F7 72

[Patrick M. Hausen]

You cannot invoke the installer from a preinstalled image. You need to boot from USB.

[aleco]

Thanks. After preparing a boot image and reinstalling OPNSense, I had the login prompt available and also could connect to the firewall via the GUI.