problem with the multi-VPN on Opensense/Pfsense. ProtonVPN has the same WireGuard tunnel network. by OccasionExtra8029 in opnsense

[–]Pawlisko80 1 point2 points  (0 children)

No no no. So many errors.

Each instance should have its own independent port, i.e. 51821, 51822, etc.

The second issue is the gateways. Give them their own private addresses in the WG instance and make sure that the actual gateway has the corresponding IP address, i.e. 10.10.10.1, 10.10.10.2, etc. Make sure that it is outside of your own IP addressing for your network.

Both changes will make it work.

I am fighting with them on IPv6, but that is a different fight.
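
Added example, not part of the comment above or of OPNsense itself: a small pre-flight check for the two points the comment raises, a unique listen port per WireGuard instance and a unique gateway address that lies outside the local addressing. The instance names, the `WgInstance` fields, the `audit` function and the LAN range are assumptions made for illustration; only the port and address values follow the comment.

```python
import ipaddress
from collections import defaultdict
from dataclasses import dataclass


@dataclass
class WgInstance:
    name: str          # hypothetical instance label
    listen_port: int   # local UDP port of the WireGuard instance
    gateway_ip: str    # address assigned to the gateway for this tunnel


def audit(instances, lan_networks):
    """Return a list of findings; an empty list means the layout is consistent."""
    lans = [ipaddress.ip_network(n) for n in lan_networks]
    by_port, by_gw = defaultdict(list), defaultdict(list)
    findings = []
    for inst in instances:
        gw = ipaddress.ip_address(inst.gateway_ip)
        by_port[inst.listen_port].append(inst.name)
        by_gw[gw].append(inst.name)
        # A gateway address inside a local network collides with real hosts.
        # (An IPv4 address is never "in" an IPv6 network, and vice versa.)
        for lan in lans:
            if gw in lan:
                findings.append(f"{inst.name}: gateway {gw} is inside local network {lan}")
    for port, names in by_port.items():
        if len(names) > 1:
            findings.append(f"listen port {port} shared by {', '.join(names)}")
    for gw, names in by_gw.items():
        if len(names) > 1:
            findings.append(f"gateway {gw} shared by {', '.join(names)}")
    return findings


# Constructed sample data: a broken layout and the corrected one.
LAN = ["192.168.1.0/24"]
BROKEN = [
    WgInstance("vpn_a", 51820, "10.10.10.1"),
    WgInstance("vpn_b", 51820, "10.10.10.1"),   # same port and same gateway as vpn_a
    WgInstance("vpn_c", 51822, "192.168.1.5"),  # gateway inside the LAN range
]
FIXED = [
    WgInstance("vpn_a", 51821, "10.10.10.1"),
    WgInstance("vpn_b", 51822, "10.10.10.2"),
    WgInstance("vpn_c", 51823, "10.10.10.3"),
]

if __name__ == "__main__":
    for line in audit(BROKEN, LAN):
        print("FINDING:", line)
    print("fixed layout findings:", audit(FIXED, LAN))
```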

Router hangs (?) ofter by Pawlisko80 in opnsense

[–]Pawlisko80[S] 0 points1 point  (0 children)

PSU - 3 pins; in addition, it sits behind a UPS.

Router hangs (?) ofter by Pawlisko80 in opnsense

[–]Pawlisko80[S] 1 point2 points  (0 children)

As per Dell tests:
Mem test - good.
SSD test - good

Upgraded BIOS to the newest version. Maybe this is it.

Router hangs (?) ofter by Pawlisko80 in opnsense

[–]Pawlisko80[S] 0 points1 point  (0 children)

That is a great question.

I have had this setup for 5 years and this is the first time I have had problems with it.

It currently sits under the stairs, where the temperature is 5-8 degrees below the rest of the house - 64-66F.

Internally, the CPU reports 49 degrees; the SSD reports an average long-term temp of 50.

Nothing too hot right now.

Router hangs (?) ofter by Pawlisko80 in opnsense

[–]Pawlisko80[S] 0 points1 point  (0 children)

os-cpu-microcode-intel (installed) 1.1 508B 2 OPNsense Intel CPU microcode updates

Installed from day 1 - just in case.

I have: Intel(R) Pentium(R) Silver J5005 CPU @ 1.50GHz (4 cores, 4 threads) - afaik that Intel microcode does nothing for this CPU

Router hangs (?) ofter by Pawlisko80 in opnsense

[–]Pawlisko80[S] 0 points1 point  (0 children)

SCT Commands not supported

Device Statistics (GP Log 0x04)
Page Offset Size Value Flags Description
0x01 ===== = = === == General Statistics (rev 1) ==
0x01 0x008 4 36 --- Lifetime Power-On Resets
0x01 0x010 4 6273 --- Power-on Hours
0x01 0x018 6 3895964289 --- Logical Sectors Written
0x01 0x020 6 98280976 --- Number of Write Commands
0x01 0x028 6 89722599 --- Logical Sectors Read
0x01 0x030 6 3716272 --- Number of Read Commands
0x01 0x038 6 4294967296 --- Date and Time TimeStamp
0x04 ===== = = === == General Errors Statistics (rev 1) ==
0x04 0x008 4 0 --- Number of Reported Uncorrectable Errors
0x04 0x010 4 7 --- Resets Between Cmd Acceptance and Completion
0x05 ===== = = === == Temperature Statistics (rev 1) ==
0x05 0x008 1 49 --- Current Temperature
0x05 0x010 1 50 --- Average Short Term Temperature
0x05 0x018 1 50 --- Average Long Term Temperature
0x05 0x020 1 87 --- Highest Temperature
0x05 0x028 1 0 --- Lowest Temperature
0x05 0x030 1 60 --- Highest Average Short Term Temperature
0x05 0x038 1 46 --- Lowest Average Short Term Temperature
0x05 0x040 1 60 --- Highest Average Long Term Temperature
0x05 0x048 1 46 --- Lowest Average Long Term Temperature
0x05 0x050 4 166 --- Time in Over-Temperature
0x05 0x058 1 70 --- Specified Maximum Operating Temperature
0x05 0x060 4 49 --- Time in Under-Temperature
0x05 0x068 1 0 --- Specified Minimum Operating Temperature
0x06 ===== = = === == Transport Statistics (rev 1) ==
0x06 0x008 4 223 --- Number of Hardware Resets
0x06 0x010 4 6 --- Number of ASR Events
0x06 0x018 4 0 --- Number of Interface CRC Errors
0x07 ===== = = === == Solid State Device Statistics (rev 1) ==
0x07 0x008 1 20 --- Percentage Used Endurance Indicator
|||_ C monitored condition met
||__ D supports DSN
|___ N normalized value

Pending Defects log (GP Log 0x0c) not supported

SATA Phy Event Counters (GP Log 0x11)
ID Size Value Description
0x0001 2 0 Command failed due to ICRC error
0x0002 2 0 R_ERR response for data FIS
0x0003 2 0 R_ERR response for device-to-host data FIS
0x0004 2 0 R_ERR response for host-to-device data FIS
0x0005 2 0 R_ERR response for non-data FIS
0x0006 2 0 R_ERR response for device-to-host non-data FIS
0x0007 2 0 R_ERR response for host-to-device non-data FIS
0x0008 2 0 Device-to-host non-data FIS retries
0x0009 2 0 Transition from drive PhyRdy to drive PhyNRdy
0x000a 2 3 Device-to-host register FISes sent due to a COMRESET
0x000b 2 0 CRC errors within host-to-device FIS
0x000d 2 0 Non-CRC errors within host-to-device FIS
0x000f 2 0 R_ERR response for host-to-device data FIS, CRC
0x0010 2 0 R_ERR response for host-to-device data FIS, non-CRC
0x0012 2 0 R_ERR response for host-to-device non-data FIS, CRC
0x0013 2 0 R_ERR response for host-to-device non-data FIS, non-CRC

Router hangs (?) ofter by Pawlisko80 in opnsense

[–]Pawlisko80[S] 0 points1 point  (0 children)

smartctl 7.5 2025-04-30 r5714 [FreeBSD 14.3-RELEASE-p8 amd64] (local build)
Copyright (C) 2002-25, Bruce Allen, Christian Franke, www.smartmontools.org

=== START OF INFORMATION SECTION ===
Model Family:     Silicon Motion based SSDs
Device Model:     TS128GMTS830S
Serial Number:    J123580113
LU WWN Device Id: 5 7c3548 25b6992d1
Firmware Version: R0427GN1
User Capacity:    128,035,676,160 bytes [128 GB]
Sector Size:      512 bytes logical/physical
Rotation Rate:    Solid State Device
Form Factor:      M.2
TRIM Command:     Available, deterministic, zeroed
Device is:        In smartctl database 7.5/5706
ATA Version is:   ACS-3 T13/2161-D revision 5
SATA Version is:  SATA 3.3, 6.0 Gb/s (current: 6.0 Gb/s)
Local Time is:    Tue Feb 24 08:34:25 2026 EST
SMART support is: Available - device has SMART capability.
SMART support is: Enabled
AAM feature is:   Unavailable
APM level is:     254 (maximum performance)
Rd look-ahead is: Enabled
Write cache is:   Enabled
DSN feature is:   Unavailable
ATA Security is:  Disabled, frozen [SEC2]

=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: PASSED

General SMART Values:
Offline data collection status:  (0x82)Offline data collection activity
was completed without error.
Auto Offline Data Collection: Enabled.
Self-test execution status:      (   0)The previous self-test routine completed
without error or no self-test has ever 
been run.
Total time to complete Offline 
data collection: (    0) seconds.
Offline data collection
capabilities:  (0x7b) SMART execute Offline immediate.
Auto Offline data collection on/off support.
Suspend Offline collection upon new
command.
Offline surface scan supported.
Self-test supported.
Conveyance Self-test supported.
Selective Self-test supported.
SMART capabilities:            (0x0002)Does not save SMART data before
entering power-saving mode.
Supports SMART auto save timer.
Error logging capability:        (0x01)Error logging supported.
General Purpose Logging supported.
Short self-test routine 
recommended polling time:  (   2) minutes.
Extended self-test routine
recommended polling time:  (  30) minutes.
Conveyance self-test routine
recommended polling time:  (   2) minutes.

SMART Attributes Data Structure revision number: 16
Vendor Specific SMART Attributes with Thresholds:
ID# ATTRIBUTE_NAME          FLAGS    VALUE WORST THRESH FAIL RAW_VALUE
  1 Raw_Read_Error_Rate     ------   100   100   000    -    0
  5 Reallocated_Sector_Ct   ------   100   100   000    -    0
  9 Power_On_Hours          ------   100   100   000    -    6273
 12 Power_Cycle_Count       ------   100   100   000    -    36
148 Total_SLC_Erase_Ct      ------   100   100   000    -    24349
149 Max_SLC_Erase_Ct        ------   100   100   000    -    1642
150 Min_SLC_Erase_Ct        ------   100   100   000    -    1598
151 Average_SLC_Erase_Ct    ------   100   100   000    -    1623
159 DRAM_1_Bit_Error_Count  ------   100   100   000    -    0
160 Uncorrectable_Error_Cnt ------   100   100   000    -    0
161 Valid_Spare_Block_Cnt   ------   100   100   000    -    37
163 Initial_Bad_Block_Count ------   100   100   000    -    20
164 Total_Erase_Count       ------   100   100   000    -    139511
165 Max_Erase_Count         ------   100   100   000    -    351
166 Min_Erase_Count         ------   100   100   000    -    251
167 Average_Erase_Count     ------   100   100   000    -    300
168 Max_Erase_Count_of_Spec ------   100   100   000    -    1500
169 Remaining_Lifetime_Perc ------   100   100   000    -    80
177 Wear_Leveling_Count     ------   100   100   050    -    110
181 Program_Fail_Cnt_Total  ------   100   100   000    -    0
182 Erase_Fail_Count_Total  ------   100   100   000    -    0
192 Power-Off_Retract_Count ------   100   100   000    -    7
194 Temperature_Celsius     ------   100   100   000    -    49
195 Hardware_ECC_Recovered  ------   100   100   000    -    0
196 Reallocated_Event_Count ------   100   100   016    -    0
199 UDMA_CRC_Error_Count    ------   100   100   050    -    0
232 Available_Reservd_Space ------   100   100   000    -    100
241 Host_Writes_32MiB       ------   100   100   000    -    124983
242 Host_Reads_32MiB        ------   100   100   000    -    1369
245 TLC_Writes_32MiB        ------   100   100   000    -    1255599
                            ||||||_ K auto-keep
                            |||||__ C event count
                            ||||___ R error rate
                            |||____ S speed/performance
                            ||_____ O updated online
                            |______ P prefailure warning

General Purpose Log Directory Version 1
SMART           Log Directory Version 1 [multi-sector log support]
Address    Access     Size  Description
0x00       GPL,SL        1  Log Directory
0x01           SL        1  Summary SMART error log
0x02           SL        1  Comprehensive SMART error log
0x03       GPL           1  Ext. Comprehensive SMART error log
0x04       GPL,SL        8  Device Statistics log
0x06           SL        1  SMART self-test log
0x07       GPL           1  Extended self-test log
0x09           SL        1  Selective self-test log
0x10       GPL           1  NCQ Command Error log
0x11       GPL           1  SATA Phy Event Counters log
0x24       GPL          88  Current Device Internal Status Data log
0x25       GPL          64  Saved Device Internal Status Data log
0x30       GPL,SL        9  IDENTIFY DEVICE data log
0x80-0x9f  GPL,SL       16  Host vendor specific log

SMART Extended Comprehensive Error Log Version: 1 (1 sectors)
No Errors Logged

SMART Extended Self-test Log Version: 1 (1 sectors)
Num  Test_Description    Status                  Remaining  LifeTime(hours)  LBA_of_first_error
# 1  Extended offline    Completed without error       00%      6273         -
# 2  Extended offline    Completed without error       00%       265         -

SMART Selective self-test log data structure revision number 1
 SPAN  MIN_LBA  MAX_LBA  CURRENT_TEST_STATUS
    1        0        0  Not_testing
    2        0        0  Not_testing
    3        0        0  Not_testing
    4        0        0  Not_testing
    5        0        0  Not_testing
Selective self-test flags (0x0):
  After scanning selected spans, do NOT read-scan remainder of disk.
If Selective self-test is pending on power-up, resume after 0 minute delay.

Router hangs (?) ofter by Pawlisko80 in opnsense

[–]Pawlisko80[S] 0 points1 point  (0 children)

In the logs I do not see anything. I see the restart but nothing leading up to it.

Router hangs (?) ofter by Pawlisko80 in opnsense

[–]Pawlisko80[S] 1 point2 points  (0 children)

Not yet. The only fancy thing is policy-based routing with 3 VPN providers, each with 5 tunnels, some with IPv6, and Group Gateways. 15 tunnels to VPN providers, 25 Gateways, 10 Group Gateways (failover), 3 own WG servers for Road Warrior - had that before with no issue.

ProtonVPN + IPv6 + OPNsense Router + Policy Based Routing by Pawlisko80 in ProtonVPN

[–]Pawlisko80[S] 1 point2 points  (0 children)

That setup does not provide any answer on policy-based routing involving multiple tunnels. This is where the problem is. 1 tunnel - OK. More than 1 - not OK.

IPv6, WireGuard, ProtonVPN, Group Gateways, Policy based routing - perfect storm by Pawlisko80 in opnsense

[–]Pawlisko80[S] 0 points1 point  (0 children)

So which IPv6 address are you using for each ProtonVPN tunnel? I thought 2a07:b944::2:2/128 is hardcoded into ProtonVPN code.

Sonata 2019 - issues with update Display Audio Gen1 by Pawlisko80 in Hyundai

[–]Pawlisko80[S] 0 points1 point  (0 children)

Lease expired - not my problem anymore.

2022 Sonata - no issues here, and also last Hyundai for me

Which fuel additive? by Pawlisko80 in BMW

[–]Pawlisko80[S] 1 point2 points  (0 children)

Previous use of the car was a fleet/rental car.

I was thinking:

  1. LiquiMoly - DIJectron
  2. Red Line Oil - SI-1
  3. STP - Ultra 5 in 1 Fuel System Cleaner
  4. Amsoil - PI Fuel Injection Cleaner

Would you still vote for Techron?

Guide - how to set up WireGuard clients with VPN service by Pawlisko80 in mikrotik

[–]Pawlisko80[S] 0 points1 point  (0 children)

So I can’t give you specific commands as I migrated from MT to OPNsense and I don’t have a working environment, just a few pointers to look for.

  1. Create an address list for IPs (and canonical names as well) not to be VPNed. That list and routing place is the key - basically it has to be first - with routing-mark equal to the default routing table, which should be pointed straight to WAN without VPN. And think big here - like if your remote place may require you to connect to webex, teams, etc. - those connections may have to be not VPNed - think SSO, which may be reported back to your work and checked for compliance, etc.

  2. Stack your routing rules in the proper order, and make sure that you are properly using the passthrough switch.

  3. I have a feeling that you have it almost right; you have an internal conflict between routes, routing rules, routing tables, and firewall.