OPNSense for Rock-Pi-E & Rock-Pi 4

SleepWalker · January 13, 2021, 7:35am

@J_Clem
This is a funny question.

Take it and try, what’s the point of asking people who discuss specific issues,
the operation of specific software on specific equipment,
and they are not INTERESTED how this software behaves on Raspberry Pi 2/3/4/5 !!!

Volker · February 5, 2021, 7:12pm

wow! this is really a great project! currently i have exactly such a use case and already wanted to use rock-pi x but this project is of course much more interesting price-wise! how does it look, does the whole thing have a certain future? will there be an update-server? especially are there already plans to offer packages like “wireguard” ?
is there any way to support the project?

volker

SleepWalker · February 7, 2021, 2:58pm

@Volker
Hi,
All this will certainly develop.
I am working on adding new equipment.
Wiregeard can be added, but Rock-Pi-E works pretty well without it :-).
Of course you can support the project.
Tell us more about yourself and your capabilities.
Do you have any FreeBSD skills.
Even if not, you can still contribute.
You can create an article on my site https://personalbsd.org and describe your experience of use.
You can just donate money for the purchase of new equipment :-).
To do this, you need to click on the Subscribe button and make a monthly donation of 400 rubles is 8 USB $.
You can refuse at any time.
I just want to test this button: does it work?
Good luck

Volker · February 7, 2021, 1:52pm

Website ist not available, DNS problems…

SleepWalker · February 17, 2023, 10:35am

Oh sorry https://personalbsd.org

Volker · February 7, 2021, 5:10pm

Okay cool! Let me build my current Project based on your Image, my customer is already waiting for . After First Bill, i will Love to subscribe to your gold Version!

Is it possible to live Update the current Image with your new Versions?

SleepWalker · February 7, 2021, 7:29pm

Since there is no official support for the arm64 architecture for opnsense,
then of course there is no official update about it.
I periodically build new versions myself

Volker · February 7, 2021, 8:27pm

I am a PHP Developer, maybe we can run an own Update Server to Support live updates?

spikerguy · February 11, 2021, 8:03pm

Yes wireguard can be installed, I’ve installed it but never tested it. I am very happy to use it as my home firewall appliance since 6months now.
Currently using the follow.
Unbound with dns routing from quad9
Unbound to blacklist all ads,
Openvpn so I can connect from anywhere.

@SleepWalker is already hosting the pkgs on his server the important point is to build the pkgs regularly, I can try that but it will take long time for my edge-v to do it unless @SleepWalker does it on his faster hardware

Volker · February 11, 2021, 8:41pm

I have endless CPU Power available, what do you need to build an Auto build Stack?

SleepWalker · May 13, 2021, 6:32am

Hi
That’s a Little Bonus - OPNsense 21.1 for RADXA SBCs!

ROCK-PI-E
OPNsense-21.1-OpenSSL-aarch64-ROCK-PI-E-20210513.img.xz

ROCK-PI-4C
OPNsense-21.1-OpenSSL-aarch64-ROCK-P-4C-20210513.img.xz

Hiddenhorror · May 13, 2021, 5:24am

@SleepWalker how do I get that image? None of the links work.

Hiddenhorror · May 13, 2021, 6:28am

I have tried setting this up, I’m still not able to access 192.168.1.1

SleepWalker · May 13, 2021, 6:36am

I have updated the links to the images.
Now they are working.

Please indicate the model of the device on which you cannot run OPNsense.

Hiddenhorror · May 13, 2021, 6:51am

I get activities light on the eth ports but can’t connect to either.

SleepWalker · May 13, 2021, 8:06am

Hi Hiddenhorror

You have connected Ethernet to 100Mbit port.
It is not right.

By default:
100MBit is WAN
1000Mbit is LAN
Configuration is performed through the 1000Mbit LAN port,
It is on it that the default IP address is 192.168.1.1

Configuration via LAN https://192.168.1.1/

Username: root
Password: opnsense

Good luck.

abal · May 25, 2021, 8:57pm

Dear @SleepWalker,

I’m experimenting with your image on my brand new RockPi E board, but without success till now. I’ve downloaded and burned your image, but it is not booting for me. Unfortunately I do not have any useful output as my UART cable (6in1 based on CP2102) is not showing any readable info. Based on my findings the RockPi uses 1500000 baud, which does not seem to be supported by this converter.
Do you have any idea, how I could debug the loading or get any details from it? During the boot something happens as I see periodic messages in serial monitor (unfortunately in unreadable form), but then it stops. Also the user led just lighting and not blinking and the ethernet is also not connecting.

One strange thing: once I’ve burned the image to the SD card I was not able to open it in windows explorer, however the other images (Pi OS, opnSense image for RPI2) I burned in the past were resulting a browsable SD card.

Any help is really appreciated!

Thanks!

SleepWalker · May 26, 2021, 3:29am

@abal

Hey!
If you capture the information output through the UART console port, then the system is trying to boot.
You need to test like this.

Default
100Mbit port is WAN
1000Mbit port is LAN

After starting the system, the LAN port has an IP address of 192.168.1.1
Therefore, if your local network already has a computer or router with this IP address, then there will be a conflict of IP addresses and you will be able to see nothing.
This is the most common mistake that occurs.

Therefore, I advise.
Burn the installation image to the SD card again and connect the Rock Pi E directly with an Ethernet cable to the computer via the 1000Mbit LAN port on the Rock-Pi-E.
Configure the computer to obtain an IP address using DHCP.
Apply power to the Rock-Pi-E and be patient and wait for the computer to receive an IP address via DHCP from the Rock-Pi-E.
The first start takes a long time so be patient

I advise you to disconnect the console cable from the Rock-Pi-E, as it does not have the correct speed for you, it can generate garbage in the direction of the Rok-Pi-E console port and prevent it from starting

If you fail, I will try to simulate your situation on my own.

Good luck

abal · May 26, 2021, 2:02pm

Hi @SleepWalker,

Really appreciate you fast response. I’ve proceed today based on your recommendation (the only difference was that I’ve disconnected the UART), but the issue is still the same.

The behaviour, I see is the following:

Green led lights up (power is ok)
After a while blue led lights up (this means kernel is running) - but it is constantly up, no blinkings, nothing
Ethernet (LAN - 1GB) blinks up for a while every 1-2 minutes - I think that the PC is testing if connected, but otherwise inactive
I was waiting around 20 minutes, but the situation was the same, ethernet blinks 1, then goes down, PC is not detecting any LAN

rockpi_boot.png569×745 475 KB

In the meanwhile, I’ve downloaded the official debian for RockPI e (https://dl.radxa.com/rockpie/images/debian/rockpie_debian_buster_server_arm64_20210126_0056-gpt.img.gz) and it boots correctly.

SleepWalker · May 26, 2021, 4:12pm

@abal
I have only one guess - what is recorded on the eMMC flash interferes with OPNsense runing.

Remove eMMC flash

Yes, it is important even before turning on the Ethernet device,
the cable must be connected to SWITSH or Computer.

Please try to enable several times!

If that doesn’t work then try downloading this FreeBSD image.

FreeBSD-aarch64-13.0-RELEASE-Rock-Pi-E-20210517.img.xz
On the contrary, it requests an IP address from a DHCP server.
Login via ssh
Username: admin
Password: admin