Time To Move To OPNsense

[Zema Bus]

I was going to download the latest version of pfSense to install to my backup router (pfSense on it was borked by updates) before updating my primary router. But, now they make you go through a product purchase process for the community edition, which includes requiring you to create an account, add it to your cart, provide your billing address and phone number. They want to steer users towards their premium edition and so community edition users are now required to go through the same process as if they were buying the premium edition. It's still free and all, but you are paying with your data. Not to mention the annoyance. The only way around it is to download an older version from a mirror and then update it after installation. But you can't skip versions, you have to update one version at a time, so if you're several versions back it's going to take a while. And that will only get worse with time. Borked updates aren't uncommon with pfSense and I've always been prepared with the latest installer and a backup of my settings to import during installation. I think the community edition will eventually go away, it's what most people probably use and Netgate doesn't want it competing with their money making version. So, time to move to OPNsense like I've been planning to do for years. I'll have to start from scratch with my multi WAN configuration. I'll do it first on my backup router.

[Grogan]

You tell them to take a long, hard suck on your wrinkled white ass. I wouldn't jump through their hoops either. That's freely licensed software they are gating up there.

I hope OPNsense works out. It should be just doing the same shit as you did before, configuring it. You know what you have to do, and that's the first thing towards figuring out how

[Zema Bus]

I was really hoping this would be as straightforward as it was in pfSense as far as getting multi-WAN failover working, but it wasn't. They have additional, convoluted steps and very poor documentation of these steps. I ended up having to follow a video tutorial after finding no detailed guides. It looked like everything was set correctly, but as soon as I enabled to LAN rules the machine I was using as a client loss connectivity, and I couldn't get it back. Another thing I wasn't keen on is that the monitoring is based on the remote DNS server that you configure, and you can't specify a backup DNS IP. You set one per WAN, and each WAN has to use a different DNS IP. I spent hours working on that, I was going to reset my config to default and start over, but I didn't want to spend my whole weekend doing that so I decided to just install the last version of pfSense that doesn't require creating an account to download, and then just attempt to update to the latest version. So that's what I did, and everything seemed to go well until it rebooted. It kernel panicked after it was unable to find a driver for the onboard WiFi. I read that some users ran into that with some hardware. The obvious solution would be to simply disable the onboard WiFi, except that there was no way in the BIOS to disable it. I went through every menu even ones it was unlikely to be in, and there was nothing for the WiFi. A BIOS update might have solved that but I didn't want to bother with that, instead I just tried another machine, one with no WiFi. I ended up just creating an account after all to expedite things after spending way too much time on this task. It wasn't that bad, I just gave them the email address I use for situations like this, one where junk can go to die, and I gave them one of my virtual mailbox addresses instead of my real one. It was more the principle of it I didn't like. I swapped the two port NIC into this machine and matched up my LAN and WAN Ethernet ports the same as how it was in the other machine. I had my saved settings file on a USB flash drive plugged in and it picked it up. I didn't have to do any configuration at all, it just worked. I only had my WAN2 connected during installation and testing and once I saw that everything was working I quickly plugged in my real LAN and then my WAN1. I managed to do that quickly enough that my Internet radio stream wasn't interrupted. This is my first time using an AMD machine as a router, it's a Ryzen 5 5500. So I'll run it for now then later I'll update my main router.

pfSense_2.8.1a.jpg

pfSense_2.8.1b.jpg

I'll revisit OPNsense in the future when I have some time to get frustrated lol!

[Grogan]

That's too bad, but worse is that it cost you a lot of time just to get back to the point you were before.

That WAN failover is a complex operation, it probably doesn't get enough attention or testing.

[Zema Bus]

I finally accomplished what I originally set out to do, I got pfSense updated on my primary router. Since I had a reliable backup I didn't have anything to lose attempting to update my main router. After I started the update I realized I forgot to go in and disable the onboard WiFi, and just like the other machine it had a kernel panic after rebooting. So I went into the BIOS and disabled the WiFI, which I couldn't do on the other one that had no setting for it. I rebooted from the BIOS and it successfully finished up with the update. Think I should be good for a while

[Grogan]

Glad to hear it. It's best to stick with what you know works well for you. That's why I don't consider anything but DD-WRT because I know what I can do with it, and how

On the one that doesn't have a setting for it, the WiFi adapter will likely be external to the chipset (maybe even a mini card?)