GUI not accessible after IP change

[richardb]

Received new Protectli V2430 and plugged into my PC ethernet port. Normal  stock Dell XPS15 running windows 11.

Logged into OPNsense under root,opnsense GUI.

Changed static IP to 192.158.50.1 and lost access to GUI.
After restoring the config.xml file, then tried changing dhcp range at the same time.
Lost GUI access again and had to restore.

I generated a GUI interface at 192.168.69.1 and deleted the LAN interface and made a new LAN interface at 192.168.50.1 with dhcp server.


Now have GUI on both LAN and GUI interfaces.

Why can't an IP address be changed without losing the GUI access? This really should be more automatic that the OPNsense software does whatever is necessary to make sure GUI is still accessible when static IP for LAN is changed.

Also it shows the connection is not secure when connecting to the new interfaces.
Can OPNsense software be enganced to do what is necessary so https:// works without issues? Can you automate the process?

Does the new OPNsense version solve any of this?

Why I need to type mount -o -u rw /   in order to restore backup config.xml files? Can't the opnsense-sheel code include what is necessary to support easy usage? Having to spend hours to figure out how to restore a configure file is kind of nuts.

Sorry to sound like I'm complaining, but just providing feedback from a first time users perspective. Would be great to make OPNsense more user friendly. At least not requiring 8 hours of work to change a static IP address.


Thanks for any ideas you have or if any improvement follow.

[cookiemonster]

when you set a static ip for the device, you need to make sure that the one you are using to connect to is in the same network. You didn't need to restore configs unless you wanted to start again instead of correcting your setup.
Say your laptop is currently on your wifi network of 192.168.1.0/24 with an ip of 192.168.1.10
You then plug your ethernet cable from it to OPN and set its static ip to 192.158.50.1 . At that point both are in different networks without routes between them. You needed only to change the ip of your laptop to the range you set for OPN, say 192.158.50.2

Connection not secure: the certificate used to establish the TLS-secured connection with the browser is a self-signed one. For this one it'll be best to do an online search for how to use your own certificates. And OPN incudes Let's encrypt integration by the way.

[richardb]

The OPNsense is connected directly to the computer and the OPNsense is providing the dhcp. I should be able to change the IP address and the dhcp server serves up the new address to the computer. No issue if I nuke the LAN interface and make a new LAN interface. The issue arrises when changing the existing address. The issue occurs even if i turn off the dhcp server before changing the address and reenabling the dhcp server on the OPNsense.

It's not an issue on other routers. Can change the IP address and still can access the GUI. Just on OPNsense.

I had to restore the config.xml through the serial port since there was no other way to get back the GUI. I could not even get back service doing a factory restore or by changing back the IP address on the opnsense-shell program.   Really shouldn't be this hard.

[Saarbremer]

You might want to use "other routers".

Changing a router's IP will break existing configurations and connections. One could try to implement an automatic DHCP reconfiguration but what happened in case of conflicts, etc.?

HTTPS requires a valid and internet-accessible hostname in public DNS. Do you have that during install?

Your suggestions may sound convenient but they just aren't when thinking about it.

[cookiemonster]

I should be able to change the IP address and the dhcp server serves up the new address to the computer. No issue if I nuke the LAN interface and make a new LAN interface.

And it does. But dhcp is a pull not push operation. That's why we need to either request a new ip from your client, or change the static to the new one.

It's not an issue on other routers. Can change the IP address and still can access the GUI. Just on OPNsense.

I had to restore the config.xml through the serial port since there was no other way to get back the GUI. I could not even get back service doing a factory restore or by changing back the IP address on the opnsense-shell program.   Really shouldn't be this hard.

Really? This is networking, not OPN specific.